summaryrefslogtreecommitdiffstats
path: root/pigeonhole/INSTALL
blob: eca1360762697b09171964e3cd84f1f14782e34f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
Compiling
=========

If you downloaded the sources using Mercurial, you will need to execute
./autogen.sh first to build the automake structure in your source tree. This
process requires autotools and libtool to be installed.

If you installed Dovecot from sources, Pigeonhole's configure script should be
able to find the installed dovecot-config automatically:

./configure
make
sudo make install

If your system uses a $prefix different than the default /usr/local, the
configure script can still find the installed dovecot-config automatically when
supplied with the proper --prefix argument:

./configure --prefix=/usr
make
sudo make install

If this doesn't work, you can use --with-dovecot=<path> configure option, where
the path points to a directory containing dovecot-config file. This can point to
an installed file:

./configure --with-dovecot=/usr/local/lib/dovecot
make
sudo make install

or to a Dovecot source directory that is already compiled:

./configure --with-dovecot=../dovecot-2.1.0
make
sudo make install

The following additional parameters may be of interest for the configuration of
the Pigeonhole build:

 --with-managesieve=yes
   Controls whether Pigeonhole ManageSieve is compiled and installed, which is
   the default.

 --with-unfinished-features=no
   Controls whether unfinished features and extensions are built. Enabling this
   will enable the compilation of code that is considered unfinished and highly
   experimental and may therefore introduce bugs and unexpected behavior.
   In fact, it may not compile at all. Enable this only when you are eager to
   test some of the new development functionality.

 --with-ldap=no
   Controls wether Sieve LDAP support is built. This allows retrieving Sieve
   scripts from an LDAP database. When set to `yes', support is built in. When
   set to `plugin', LDAP support is compiled into a Sieve plugin called
   `sieve_storage_ldap'.

Configuration
=============

The Pigeonhole package provides the following items:

  - The Sieve interpreter plugin for Dovecot's Local Delivery Agent (LDA): This
    facilitates the actual Sieve filtering upon delivery.

  - The ManageSieve Service: This implements the ManageSieve protocol through
    which users can remotely manage Sieve scripts on the server.

The functionality of these items is described in more detail in the README file.
In this file and in this section their configuration is described. Example
configuration files are provided in the doc/example-config directory of this
package.

Sieve Interpreter - Script Locations
------------------------------------

The Sieve interpreter can retrieve Sieve scripts from several types of
locations. The default `file' location type is a local filesystem path pointing
to a Sieve script file or a directory containing multiple Sieve script files.
More complex setups can use other location types such as `ldap' or `dict' to
fetch Sieve scripts from remote databases.

All settings that specify the location of one ore more Sieve scripts accept the
following syntax:

location = [<type>:]path[;<option>[=<value>][;...]]

The following script location types are implemented by default:

  file  - The location path is a file system path pointing to the script file
          or a directory containing script files with names structured as
          `<script-name>.sieve'. Read doc/locations/file.txt for more
          information and examples.

  dict  - The location path is a Dovecot dict uri. Read doc/locations/dict.txt
          for more information and examples.

  ldap  - LDAP database lookup. The location path is a configuration file with
          LDAP options. Read doc/locations/ldap.txt for more information
          and examples.

If the type prefix is omitted, the script location type is 'file' and the 
location is interpreted as a local filesystem path pointing to a Sieve script
file or directory.

The following options are defined for all location types:

  name=<script-name>
    Set the name of the Sieve script that this location points to. If the name
    of the Sieve script is not contained in the location path and the
    location of a single script is specified, this option is required
    (e.g. for dict locations that must point to a particular script).
    If the name of the script is contained in the location path, the value of
    the name option overrides the name retrieved from the location. If the Sieve
    interpreter explicitly queries for a specific name (e.g. to let the Sieve
    "include" extension retrieve a script from the sieve_global= location),
    this option has no effect.

  bindir=<dirpath>
    Points to the directory where the compiled binaries for this script location
    are stored. This directory is created automatically if possible. If this
    option is omitted, the behavior depends on the location type. For `file'
    type locations, the binary is then stored in the same directory as where the
    script file was found if possible. For `dict' type locations, the binary is
    not stored at all in that case. Don't specify the same directory for
    different script locations, as this will result in undefined behavior.
    Multiple mail users can share a single script directory if the script
    location is the same and all users share the same system credentials (uid,
    gid).

Sieve Interpreter - Basic Configuration
---------------------------------------

To use Sieve, you will first need to make sure you are using Dovecot LDA
or Dovecot LMTP for delivering incoming mail to users' mailboxes. Then, you need
to enable the Sieve interpreter plugin for LDA/LMTP in your dovecot.conf:

protocol lda {
..
  mail_plugins = sieve # ... other plugins like quota
}

protocol lmtp {
..
  mail_plugins = sieve # ... other plugins like quota
}

The Sieve interpreter recognizes the following configuration options in the
plugin section of the config file (default values are shown if applicable):

 sieve = file:~/sieve;active=~/.dovecot.sieve
   The location of the user's main Sieve script or script storage. The LDA
   Sieve plugin uses this to find the active script for Sieve filtering at
   delivery. The "include" extension uses this location for retrieving
   :personal" scripts.

   This location is also where the ManageSieve service will store the user's
   scripts, if supported by the location type. For the 'file' location type, the
   location will then be the path to the storage directory for all the user's
   personal Sieve scripts. ManageSieve maintains a symbolic link pointing to
   the currently active script (the script executed at delivery). The location
   of this symbolic link can be configured using the `;active=<path>' option.

 sieve_default =
   The location of the default personal sieve script file, which gets executed
   ONLY if user's private Sieve script does not exist, e.g.
   /var/lib/dovecot/default.sieve. This is usually a global script, so be sure
   to pre-compile this script manually using the sievec command line tool, as
   explained in the README file. This setting used to be called
   `sieve_global_path', but that name is now deprecated.

 sieve_default_name = 
   The name by which the default Sieve script is visible to ManageSieve
   clients. Normally, it is not visible at all. See "Visible Default Script"
   section below for more information.

 sieve_global =
   Location for :global include scripts for the Sieve include extension. This
   setting used to be called `sieve_global_dir', but that name is now
   deprecated.

 sieve_discard =
   The location of a Sieve script that is run for any message that is about to
   be discarded; i.e., it is not delivered anywhere by the normal Sieve
   execution. This only happens when the "implicit keep" is canceled, by e.g.
   the "discard" action, and no actions that deliver the message are executed.
   This "discard script" can prevent discarding the message, by executing
   alternative actions. If the discard script does nothing, the message is still
   discarded as it would be when no discard script is configured.

 sieve_extensions =
   Which Sieve language extensions are available to users. By default, all
   supported extensions are available, except for deprecated extensions or those
   that are still under development. Some system administrators may want to
   disable certain Sieve extensions or enable those that are not available by
   default. This setting can use '+' and '-' to specify differences relative to
   the default. For example `sieve_extensions = +imapflags' will enable the
   deprecated imapflags extension in addition to all extensions were already
   enabled by default.

 sieve_global_extensions =
   Which Sieve language extensions are ONLY avalable in global scripts. This can
   be used to restrict the use of certain Sieve extensions to administrator
   control, for instance when these extensions can cause security concerns. This
   setting has higher precedence than the `sieve_extensions' setting (above),
   meaning that the extensions enabled with this setting are never available to
   the user's personal script no matter what is specified for the
   `sieve_extensions' setting. The syntax of this setting is similar to
   the `sieve_extensions' setting, with the difference that extensions are
   enabled or disabled for exclusive use in global scripts. Currently, no
   extensions are marked as such by default.

 sieve_implicit_extensions =
   Which Sieve language extensions are implicitly available to users. The
   extensions listed in this setting do not need to be enabled explicitly using
   the Sieve "require" command. This behavior directly violates the Sieve
   standard, but can be necessary for compatibility with some existing
   implementations of Sieve (notably jSieve). Do not use this setting unless you
   really need to! The syntax and semantics of this setting are otherwise
   identical to the `sieve_extensions' setting

 sieve_plugins =
   The Pigeonhole Sieve interpreter can have plugins of its own. Using this
   setting, the used plugins can be specified. Check the Dovecot wiki
   (wiki2.dovecot.org) or the pigeonhole website (http://pigeonhole.dovecot.org)
   for available plugins. The `sieve_extprograms' plugin is included in this
   release. LDAP support may also be compiled as a plugin called
   `sieve_storage_ldap'.

 sieve_user_email =
   The primary e-mail address for the user. This is used as a default when no
   other appropriate address is available for sending messages. If this setting
   is not configured, either the postmaster or null "<>" address is used as a
   sender, depending on the action involved. This setting is important when
   there is no message envelope to extract addresses from, such as when the
   script is executed in IMAP.

 sieve_user_log =
   The path to the file where the user log file is written. If not configured, a
   default location is used. If the main user's personal Sieve (as configured
   with sieve=) is a file, the logfile is set to <filename>.log by default. If
   it is not a file, the default user log file is ~/.dovecot.sieve.log.

 recipient_delimiter = +
   The separator that is expected between the :user and :detail address parts
   introduced by the subaddress extension. This may also be a sequence of
   characters (e.g. '--'). The current implementation looks for the separator
   from the left of the localpart and uses the first one encountered. The :user
   part is left of the separator and the :detail part is right. This setting is
   also used by Dovecot's LMTP service.

 sieve_redirect_envelope_from = sender
   Specifies what envelope sender address is used for redirected messages.
   Normally, the Sieve "redirect" command copies the sender address for the
   redirected message from the  processed message. So, the redirected message
   appears to originate from the original sender. The following values are
   supported for this setting:
   
     "sender"         - The sender address is used (default).
     "recipient"      - The final recipient address is used.
     "orig_recipient" - The original recipient is used.
     "user_email"     - The user's primary address is used. This is
                        configured with the "sieve_user_email" setting. If
                        that setting is unconfigured, "user_mail" is equal to
                        "sender" (the default).
     "postmaster"     - The postmaster_address configured for the LDA.
     "<user@domain>"  - Redirected messages are always sent from user@domain.
                        The angle brackets are mandatory. The null "<>" address
                        is also supported.

   When the envelope sender of the processed message is the null address "<>",
   the envelope sender of the redirected message is also always "<>",
   irrespective of what is configured for this setting. 

 sieve_redirect_duplicate_period = 12h
   In an effort to halt potential mail loops, the Sieve redirect action records
   identifying information for messages it has forwarded. If a duplicate message
   is seen, it is not redirected and the message is discarded; i.e., the
   implicit keep is canceled. This setting configures the period during which
   the identifying information is recorded. If an account forwards many
   messages, it may be necessary to lower this setting to prevent the
   ~/.dovecot.lda-dupes database file (in which these are recorded) from growing
   to an impractical size.

For example:

plugin {
...
  # The include extension fetches the :personal scripts from this
  # directory. When ManageSieve is used, this is also where scripts
  # are uploaded.
  sieve = file:~/sieve

  # If the user has no personal active script (i.e. if the location
  # indicated in sieve= settings does have and active script or does not exist),
  # use this one:
  sieve_default = /var/lib/dovecot/sieve/default.sieve

  # The include extension fetches the :global scripts from this
  # directory.
  sieve_global = /var/lib/dovecot/sieve/global/
}

Sieve Interpreter - Configurable Limits
---------------------------------------

The settings that specify a period are specified in s(econds), unless followed
by a d(ay), h(our), or m(inute) specifier character.

 sieve_max_script_size = 1M
   The maximum size of a Sieve script. The compiler will refuse to compile any
   script larger than this limit. If set to 0, no limit on the script size is
   enforced.

 sieve_max_actions = 32
   The maximum number of actions that can be performed during a single script
   execution. If set to 0, no limit on the total number of actions is enforced.

 sieve_max_redirects = 4
   The maximum number of redirect actions that can be performed during a single
   script execution. If set to 0, no redirect actions are allowed.

 sieve_max_cpu_time = 30s
   The maximum amount of CPU time that a Sieve script is allowed to use while
   executing. If the execution exceeds this resource limit, the script ends with
   an error, causing the implicit "keep" action to be executed. This limit is
   not only enforced for a single script execution, but also cumulatively for
   the last executions within a configurable timeout
   (see sieve_resource_usage_timeout).

 sieve_resource_usage_timeout = 1h
   To prevent abuse, the Sieve interpreter can record resource usage of a Sieve
   script execution in the compiled binary if it is significant. Currently, this
   happens when CPU system + user time exceeds 1.5 seconds for one execution.
   Such high resource usage is summed over time in the binary and once that
   cumulative resource usage exceeds the limits (sieve_max_cpu_time), the Sieve
   script is disabled in the binary for future execution, even if an individual
   execution exceeded no limits. If the last time high resource usage was
   recorded is older than sieve_resource_usage_timeout, the resource usage in
   the binary is reset. This means that the Sieve script is only disabled when
   the limits are cumulatively exceeded within this timeout. With the default
   configuration this means that the Sieve script is only disabled when the
   total CPU time of Sieve executions that lasted more than 1.5 seconds exceeds
   30 seconds in the last hour. A disabled Sieve script can be reactivated by
   the user by uploading a new version of the Sieve script after the excessive
   resource usage times out. An administrator can force reactivation by forcing
   a script compile (e.g. using the sievec command line tool).

Sieve Interpreter - Per-user Sieve Script Location
--------------------------------------------------

By default, the Pigeonhole LDA Sieve plugin looks for the user's Sieve script
file in the user's home directory (~/.dovecot.sieve). This requires that the
home directory is set for the user.

If you want to store the script elsewhere, you can override the default using
the sieve= setting, which specifies the location of the user's script file. This
can be done in two ways:

 1. Define the sieve setting in the plugin section of dovecot.conf.
 2. Return sieve extra field from userdb extra fields.

For example, to use a Sieve script file named <username>.sieve in
/var/sieve-scripts, use:

plugin {
...

 sieve = /var/sieve-scripts/%u.sieve
}

You may use templates like %u, as shown in the example. Refer to
http://wiki.dovecot.org/Variables for more information.

A relative path (or just a filename) will be interpreted to point under the
user's home directory.

Sieve Interpreter - Executing Multiple Scripts Sequentially
-----------------------------------------------------------

Pigeonhole's Sieve interpreter allows executing multiple Sieve scripts
sequentially. The extra scripts can be executed before and after the user's
private script. For example, this allows executing global Sieve policies before
the user's script. The following settings in the plugin section of the Dovecot
config file control the execution sequence:

 sieve_before =
 sieve_before2 =
 sieve_before3 = (etc..)
   Location Sieve of scripts that need to be executed before the user's personal
   script. If a 'file' location path points to a directory, all the Sieve
   scripts contained therein (with the proper `.sieve' extension) are executed.
   The order of execution within that directory is determined by the file names,
   using a normal 8bit per-character comparison.

   Multiple script locations can be specified by appending an increasing number
   to the setting name. The Sieve scripts found from these locations are added
   to the script execution sequence in the specified order. Reading the numbered
   sieve_before settings stops at the first missing setting, so no numbers may
   be skipped.

 sieve_after =
 sieve_after2 =
 sieve_after3 = (etc..)
   Identical to sieve_before, but the specified scripts are executed after the
   user's script (only when keep is still in effect, as explained below).

The script execution ends when the currently executing script in the sequence
does not yield a "keep" result: when the script terminates, the next script is
only executed if an implicit or explicit "keep" is in effect. Thus, to end all
script execution, a script must not execute keep and it must cancel the implicit
keep, e.g. by executing "discard; stop;". This means that the command "keep;"
has different semantics when used in a sequence of scripts. For normal Sieve
execution, "keep;" is equivalent to "fileinto "INBOX";", because both cause the
message to be stored in INBOX. However, in sequential script execution, it only
controls whether the next script is executed. Storing the message into INBOX
(the default folder) is not done until the last script in the sequence executes
(implicit) keep. To force storing the message into INBOX earlier in the
sequence, the fileinto command can be used (with ":copy" or together with
"keep;").

Apart from the keep action, all actions triggered in a script in the sequence
are executed before continuing to the next script. This means that when a script
in the sequence encounters an error, actions from earlier executed scripts are
not affected. The sequence is broken however, meaning that the script execution
of the offending script is aborted and no further scripts are executed. An
implicit keep is executed instead if necessary, meaning that the interpreter
makes sure that the message is at least stored in the default folder (INBOX).

Just as for executing a single script the normal way, the Pigeonhole LDA Sieve
plugin takes care never to duplicate deliveries, forwards or responses. When
vacation actions are executed multiple times in different scripts, the usual
error is not triggered: the subsequent duplicate vacation actions are simply
discarded.

For example:

plugin {
...
   # Global scripts executed before the user's personal script.
   #   E.g. handling messages marked as dangerous
   sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve

   # Domain-level scripts retrieved from LDAP
   sieve_before2 = ldap:/etc/dovecot/sieve-ldap.conf;name=ldap-domain

   # User-specific scripts executed before the user's personal script.
   #   E.g. a vacation script managed through a non-ManageSieve GUI.
   sieve_before3 = /var/vmail/%d/%n/sieve-before

   # User-specific scripts executed after the user's personal script.
   # (if keep is still in effect)
   #   E.g. user-specific default mail filing rules
   sieve_after = /var/vmail/%d/%n/sieve-after

   # Global scripts executed after the user's personal script
   # (if keep is still in effect)
   #   E.g. default mail filing rules.
   sieve_after2 = /var/lib/dovecot/sieve/after.d/
}

IMPORTANT: The scripts specified by sieve_before and sieve_after are often
located in global locations to which the Sieve interpreter has no write access
to store the compiled binaries. In that case, be sure to manually pre-compile
those scripts using the sievec tool, as explained in the README file.

Sieve Interpreter - Visible Default Script
------------------------------------------

The `sieve_default=' setting specifies the location of a default script that
is executed when the user has no active personal script. Normally, this
default script is invisible to the user; i.e., it is not listed in ManageSieve.
To give the user the ability to see and read the default script, it is possible
to make it visible under a specific configurable name using the
`sieve_default_name' setting.

ManageSieve will magically list the default script under that name, even though
it does not actually exist in the user's normal script storage location. This
way, the ManageSieve client can see that it exists and it can retrieve its
contents. If no normal script is active, the default is always listed as active.
The user can replace the default with a custom script, by uploading it under the
default script's name. If that custom script is ever deleted, the default script
will reappear from the shadows implicitly.

This way, ManageSieve clients will not need any special handling for this
feature. If the name of the default script is equal to the name the client uses
for the main script, it will initially see and read the default script when the
user account is freshly created. The user can edit the script, and when the
edited script is saved through the ManageSieve client, it will will override the
default script. If the user ever wants to revert to the default, the user only
needs to delete the edited script and the default will reappear.

The name by which the default script will be known is configured using the
`sieve_default_name' setting. Of course, the `sieve_default' setting needs to
point to a valid script location as well for this to work. If the default script
does not exist at the indicated location, it is not shown.

For example:

plugin {
...
  sieve = file:~/sieve;active=~/.dovecot.sieve

  sieve_default = /var/lib/dovecot/sieve/default.sieve
	sieve_default_name = roundcube
}

Sieve Interpreter - Extension Configuration
-------------------------------------------

- Editheader extension:

  The editheader extension [RFC5293] enables sieve scripts to interact with
  other components that consume or produce header fields by allowing the script
  to delete and add header fields.

  The editheader extension requires explicit configuration and is not enabled
  for use by default. Refer to doc/extensions/editheader.txt for configuration
  information.

- Vacation extension:

  The Sieve vacation extension [RFC5230] defines a mechanism to generate
  automatic replies to incoming email messages.

  The vacation extension is available by default, but it has its own specific
  configuration options. Refer to doc/extensions/vacation.txt for settings
  specific to the vacation extension.

- Variables extension:

  The Sieve variables extension [RFC5229] adds the concept of variables to the
  Sieve language.

  The variables extension is available by default, but it has its own specific
  configuration options. Refer to doc/extensions/variables.txt for settings
  specific to the variables extension.

- Include extension:

  The Sieve include extension (draft) permits users to include one Sieve script
  into another.

  The include extension is available by default, but it has its own specific
  configuration options. Refer to doc/extensions/include.txt for settings
  specific to the include extension.

- Spamtest and virustest extensions:

  Using the spamtest and virustest extensions (RFC 5235), the Sieve language
  provides a uniform and standardized command interface for evaluating spam and
  virus tests performed on the message. Users no longer need to know what headers
  need to be checked and how the scanner's verdict is represented in the header
  field value. They only need to know how to use the spamtest (spamtestplus) and
  virustest extensions. This also gives GUI-based Sieve editors the means to
  provide a portable and easy to install interface for spam and virus filter
  configuration.

  The spamtest, spamtestplus and virustest extensions require explicit
  configuration and are not enabled for use by default. Refer to
  doc/extensions/spamtest-virustest.txt for configuration information.

- Duplicate extension:

  The duplicate extension augments the Sieve filtering implementation with a
  test that facilitates detecting and handling duplicate message deliveries,
  e.g. as caused by mailinglists when people reply both to the mailinglist and
  the user directly.

  Refer to doc/extensions/vnd.dovecot.duplicate.txt for configuration
  information.

- Dovecot environment extension:

  The vnd.dovecot.environment extension builds on the standard environment
  extension. It adds a few extra environment items that are useful for Sieve
  scripts used by Dovecot.

  Refer to doc/extensions/vnd.dovecot.environment.txt for more information.

- Extprograms plugin;
    vnd.dovovecot.pipe, vnd.dovecot.filter, vnd.dovecot.execute extensions:

  The "sieve_extprograms" plugin provides extensions to the Sieve filtering
  language adding new action commands for invoking a predefined set of external
  programs. Messages can be piped to or filtered through those programs	and
  string data can be input to and retrieved from those programs.

  This plugin and the extensions it provides require explicit configuration and
  are not enabled for use by default. Refer to doc/plugins/sieve_extprograms.txt
  for more information.

- Imapsieve plugins

  The "sieve_imapsieve" Sieve plugin and the "imap_sieve" IMAP plugin add Sieve
  support to IMAP.

  Refer to doc/plugins/imapsieve.txt for more information.

- IMAP Filter Sieve plugin

  The "imap_filter_sieve" plugin adds the ability to manually invoke Sieve
  filtering in IMAP.

  Refer to doc/plugins/imap_filter_sieve.txt for more information.

Sieve Interpreter - Trace Debugging
-----------------------------------

Trace debugging provides detailed insight in the operations performed by
the Sieve script. Messages about what the Sieve script is doing are written
to the specified directory.

WARNING: On a busy server, this functionality can quickly fill up the trace
directory with a lot of trace files. Enable this only temporarily and as
selective as possible.

The following settings apply to both the LDA Sieve plugin and the IMAPSIEVE
plugin:

 sieve_trace_dir =  
  The directory where trace files are written. Trace debugging is disabled if
  this setting is not configured or if the directory does not exist. If the 
  path is relative or it starts with "~/" it is interpreted relative to the
  current user's home directory.

 sieve_trace_level = 
   The verbosity level of the trace messages. Trace debugging is disabled if
   this setting is not configured. Possible values are:
  
     "actions"  - Only print executed action commands, like keep, fileinto,
                  reject and redirect.
     "commands" - Print any executed command, excluding test commands.
     "tests"    - Print all executed commands and performed tests.
     "matching" - Print all executed commands, performed tests and the values
                  matched in those tests.

 sieve_trace_debug = no  
   Enables highly verbose debugging messages that are usually only useful for
   developers.

 sieve_trace_addresses = no   
   Enables showing byte code addresses in the trace output, rather than only
   the source line numbers.

Sieve Interpreter - Migration from CMUSieve (Dovecot v1.0/v1.1)
---------------------------------------------------------------

For the most part, migration from CMUSieve to the Pigeonhole LDA Sieve plugin is
just a matter of changing the used plugin name from 'cmusieve' to 'sieve' in the
mail_plugins option in the protocol lda section of the config file (as explained
above). However, there are a few important differences:

 * The imapflags extension is now called imap4flags. The CMUSieve implementation
   is based on an old draft specification that is not completely compatible.
   Particularly, the mark and unmark commands were removed from the new
   specification. For backwards compatibility, support for the old imapflags
   extension can be enabled using the sieve_extensions setting (as explained
   above). This is disabled by default.

 * The notify extension is now called enotify. The CMUSieve implementation is
   based on an old draft specification that is not completely compatible.
   Particularly, the denotify command and $text$ substitutions were removed from
   the new specification. For backwards compatibility, support for the old
   imapflags extension can be enabled using the sieve_extensions setting (as
   explained above). This is disabled by default.

 * The include extension now requires your script file names to end with
   ".sieve". This means that ` include :personal "myscript"; ' won't work unless
   you rename "myscript" to "myscript.sieve"

Sieve Interpreter - Migration from Dovecot Sieve v0.1.x (Dovecot v1.2)
----------------------------------------------------------------------

 * Dovecot v2.0 adds support for LMTP. Much like the Dovecot LDA, it can make
   use of the Pigeonhole Sieve plugin. Since the LMTP service has its own
   prototocol lmtp section in the config file, you need to add the Sieve plugin
   to the mail_plugins setting there too when you decide to use LMTP.
 * The 'sieve_subaddress_sep' setting for the Sieve subaddress extension is now
   known as 'recipient_delimiter'. Although sieve_subaddress_sep is still
   recognized for backwards compatibility, it is recommended to update the
   setting to the new name, since the LMTP service also uses the
   recipient_delimiter setting.

ManageSieve Service - Basic Configuration
-----------------------------------------

IMPORTANT:

  If you have used the LDA Sieve plugin without ManageSieve before and you have
  .dovecot.sieve files in user directories, you are advised to make a backup
  before installing ManageSieve. Although the ManageSieve service takes care to
  move these files to the Sieve directory before it is substituted with a
  symbolic link, this is not a very well tested operation, meaning that there is
  a slim possibility that existing Sieve scripts get lost.

Just like all other binaries that Dovecot uses, the managesieve and
managesieve-login binaries are installed during make install.

There are two things that have be done to activate the ManageSieve support in
Dovecot:

 * The first step is to add `sieve' to the protocols= configuration line in
   your dovecot.conf.

 * The next step is specifying an additional service type for the ManageSieve
   service. This could be done in Dovecot's conf.d/master.conf or you can use
   the 20-managesieve.conf file from the doc/example-config/conf.d directory of
   this package.

   For example:

    service managesieve-login {
      inet_listener sieve {
        port = 4190
      }
    }

Because the implementation of the ManageSieve daemon is largely based on the
original IMAP implementation, it is very similar in terms of configuration. The
following settings can be configured in the 'protocol sieve' section:

 managesieve_max_line_length = 65536
   The maximum ManageSieve command line length in bytes. This setting is
   directly borrowed from IMAP. But, since long command lines are very unlikely
   with ManageSieve, changing this will not be very useful.

 managesieve_logout_format = bytes=%i/%o
   Specifies the string pattern used to compose the logout message of an
   authenticated session. The following substitutions are available:

     %i - total number of bytes read from client
     %o - total number of bytes sent to client

 managesieve_implementation_string = Dovecot Pigeonhole
   To fool ManageSieve clients that are focused on CMU's timesieved, you can
   specify the IMPLEMENTATION capability that the Dovecot reports to clients
   (e.g. 'Cyrus timsieved v2.2.13').

 managesieve_max_compile_errors = 5
   The maximum number of compile errors that are returned to the client upon
   script upload or script verification.

 managesieve_sieve_capability =
 managesieve_notify_capability =
   Respectively the SIEVE and NOTIFY capabilities reported by the ManageSieve
   service before authentication. If left unassigned these will be assigned
   dynamically according to what the Sieve interpreter supports by default
   (after login this may differ depending on the authenticated user).

Additionally, the ManageSieve service uses the following settings from the
plugin section of the config file. These settings are the same ones used by
the LDA Sieve plugin.

 sieve = file:~/sieve;active=~/.dovecot.sieve
   This specifies the location where the scripts that are uploaded through
   ManageSieve are stored. During delivery, the LDA Sieve plugin uses this
   location setting to find the active script for Sieve filtering. The Sieve
   "include" extension uses this location for retrieving ":personal" scripts.
   If the location type does not allow uploading scripts, the ManageSieve
   service cannot be used. Currently, only the 'file' location type supports
   ManageSieve. 

   For the 'file' location type:

    * The location is the path to the storage directory for all the user's
      personal Sieve scripts. Scripts are stored as separate files with
      extension .sieve. All other files are ignored when scripts are listed
      by a ManageSieve client. The storage directory is always generated
      automatically if it does not exist (as far as the system permits the
      user to do so; no root privileges are used). This is similar to the
      behavior of the mail daemons regarding the mail_location configuration.
   
    * ManageSieve maintains a symbolic link pointing to the currently active
      script (the script executed at delivery). The location of this symbolic
      link can be configured using the ;active=<path> option. If a regular
      file already exists at the location specified by in the ;active=<path>
      location option, it is moved to the storage directory before the
      symbolic link is installed. It is renamed to dovecot.orig.sieve and
      therefore listed as dovecot.orig by a ManageSieve client.

      NOTE: It is not wise to place this active symbolic link inside your
            mail store, as it may be mistaken for a mail folder. Inside a
            maildir for instance, the default .dovecot.sieve would show up
            as phantom folder /dovecot/sieve in your IMAP tree. 

   For Pigeonhole versions before v0.3.1, this setting can only be a
   filesystem path pointing to a script file, or - when ManageSieve is used -
   it is the location of the symbolic link pointing to the active script in
   the storage directory. That storage directory is then configured using the
   deprecated `sieve_dir' setting. 

The following provides an example configuration for Sieve and ManageSieve. Only
sections and settings relevant to ManageSieve are shown. Refer to
20-managesieve.conf in the doc/example-config/conf.d directory for a full
example with comments, but don't forget to configure Sieve and add sieve to the
'protocols = ...' setting if you use it.

# *** conf.d/20-managesieve.conf ***

service managesieve-login {
  inet_listener sieve {
    # Bind the daemon only to the specified address(es)
    # (default: *, ::)
    address = 127.0.0.1
    # Specify an alternative port the daemon must listen on
    # (default: 4190)
    port = 2000
  }
}

protocol sieve {
  managesieve_max_compile_errors = 10
}

# ***  conf.d/90-sieve.conf ***

plugin {
  sieve=file:~/sieve;active=~/.dovecot.sieve
}

# *** dovecot.conf ***

# .... (other config items)

# Start imap, pop3, lmtp and managesieve services
protocols = imap pop3 lmtp sieve

# .... (other config items)

ManageSieve Service - Quota Support
-----------------------------------

By default, users can manage an unlimited number of Sieve scripts on the server
through ManageSieve. However, ManageSieve can be configured to enforce limits on
the number of personal Sieve scripts per user and/or the amount of disk storage
used by these scripts. The maximum size of individual uploaded scripts is
dictated by the configuration of the Sieve plugin. The limits are configured in
the plugin section of the Dovecot configuration as follows:

 sieve_max_script_size = 1M
   The maximum size of a Sieve script. If set to 0, no limit on the script size
   is enforced.

 sieve_quota_max_scripts = 0
   The maximum number of personal Sieve scripts a single user can have. If set
   to 0, no limit on the number of scripts is enforced.

 sieve_quota_max_storage = 0
   The maximum amount of disk storage a single user's scripts may occupy. If set
   to 0, no limit on the used amount of disk storage is enforced.

ManageSieve Service - Proxying
------------------------------

Like Dovecot's imapd, the ManageSieve login daemon supports proxying to multiple
backend servers. Although the underlying code is copied from the imapd sources
for the most part, it has some ManageSieve-specifics that have not seen much
testing.

The proxy configuration wiki page for POP3 and IMAP should apply to ManageSieve
as well:

http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy

ManageSieve Service - Migration
-------------------------------

The following has changed since the ManageSieve releases for Dovecot v1.x:

 * For Dovecot v1.0 and v1.1, the sieve_dir setting used by ManageSieve was
   called sieve_storage. Also, the sieve and sieve_storage settings were located
   inside the 'protocol managesieve' section of the configuration. As per
   Dovecot v1.2, these settings are shared with the Sieve plugin and located in
   the 'plugin' section of the configuration. Make sure you have updated the
   name of the sieve_dir setting and the location of both these settings if you
   are upgrading from ManageSieve for Dovecot v1.0/v1.1.
 * Pigeonhole ManageSieve does not use the mail_location configuration as a
   fall-back anymore to determine a default location for storing Sieve scripts.
   It always uses the sieve_dir setting, with default value ~/sieve.
 * The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due
   to the IANA port assignment for the ManageSieve service. When upgrading from
   v1.x, this should be taken into account. For a smooth transition, the service
   can be configured manually to listen on both port 2000 and port 4190, as
   demonstrated in the example above.
 * The Dovecot configuration now calls the ManageSieve protocol 'sieve' instead
   of 'managesieve' because it is registered as such with IANA. The binaries and
   the services are still called 'managesieve' and 'managesieve-login'. The
   example above demonstrates how this affects the configuration.

Test Suite
==========

This package includes a test suite to verify the basic processing of the Sieve
interpreter on your particular platform. Note that the test suite is not
available when this package is compiled against the Dovecot headers only. The
test suite executes a list of test cases and halts when one of them fails. If it
executes all test cases successfully, the test suite finishes. You can execute
the basic test suite using `make test`, which does not include the plugins. You
can test the plugins using `make test-plugins`.

A failing test case is always a bug and a report is greatly appreciated.