[Dovecot] Will pay $500 towards a Dovecot feature
10 days ago I proposed this addition (see below) to Dovecot and got a lot of positive response. I would like to make it happen. I'm willing to contribute $500 to the development of this feature. It doesn't have to be implemented perfectly but needs to be workable to the extent that I can telnet into the Dovecot server and run it manually from the command line. I want to at least be able to run a simple script that I will write to add or remove someone from a black list text file.
Timo has limited time but has indicated that he will allow it as a kind of undocumented feature (or wiki documented only). This is a sort of proof of concept feature and if it ever becomes a standard the standard will probably be different. However, we should implement it in a way that would be as close to a standard as possible.
So - I'm looking for a programmer to make it happen. I'm also looking for others who might also kick in a few bucks as well if necessary. Here's the rough spec.
Here's some thoughts I'd like to throw out there. I know it's not standard IMAP protocol but someone has to try new ideas first and I want to see what people (Timo) think of this.
IMAP establishes a connection between the client and the server. Wouldn't it be great if it could be a conduit to let custom Thunderbird plugins talk to custom server application over the IMAP interface? For example, personalized server settings. Suppose for example I want Thunderbird to edit my server side white lists or black lists or any other setting? Wouldn't it be nice if IMAP supported these changes? The connection is made. It's a secure connection that's been authenticated. Lets use it!
Here's my initial thoughts on this. Suppose we extended IMAP to include an EXECUTE command as follows:
EXECUTE command parameter, parameter ....
On the server side is a config file that has the commands that execute will allow and what programs they run. When the execute command is seen by Dovecot then Dovecot runs the program in the list with the parameters passed. For example, suppose there is a command to add a user to a server side blacklist.
100 execute blacklist add joe@smith.com 100 ok
Dovecot would open a two way connection to the server application allowing the client to talk to any application that is configured and can send and receive text. The connection persists until the server end terminates or the client closes the connection.
With a tool like this one can write generic applications easily that would greatly expand what email clients can do interacting with the server. Not only can setting be changes but you could interact with server side calendars, pick up voice messages from phone systems, run any sort of groupware, all over a generic IMAP connection with this simple extension.
Example:
100 EXECUTE calendar 100 ok 100 list schedule today 8:00 10:00 100 8:00 make coffee 100 9:00 meeting with boss 100 9:30 Call Joe Blow at 415-555-1212 100 ok 100 quit 100 ok
One thing I'd like to use it for is an outgoing SMTP connection to send outgoing email over IMAP. A session might look like this:
999 EXECUTE smtp 999 220 darwin.ctyme.com ESMTP Exim 4.67 Sun, 13 May 2007 06:52:26 -0700 999 helo ctyme.com 999 250 darwin.ctyme.com Hello localhost [127.0.0.1] 999 mail from:marc@perkel.com 999 250 OK 999 rcpt to:dovecot@dovecot.org 999 250 Accepted ...... 999 quit 999 OK
Config File:
There would have to be a config file that would be a table of what command run what. An example might look like this:
calendar: /usr/bin/dovecot/calendar blacklist: /etc/exim/scripts/blacklist
Probably might eventually want to add UID/GID and root directory restrictions for security. Login information and connection IP should be passed in the environment.
On Wed, 2007-05-23 at 21:11 +0200, DINH Viêt Hoà wrote:
why not use ssh for that purpose ?
You wouldn't necessarily want all your users to ssh into your mail server, or deal with the configuration of that.
Doing it through dovecot means it's already locked down to some point.
I wonder if I could even create a 'rick@havokmon.com' shell account...
I think it's a great idea.
Rick
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 24 May 2007, DINH Viêt Hoà wrote:
By the was, I don't understand why a thunderbird plugin would not be able to do ssh :)
It might, but the server doesn't. Many IMAP servers do not allow users to have SSH access on the box, but prefer locking them down, e.g. with Webinterfaces or IMAP. Also, Dovecot has other ways of authentification, e.g. Virtual Users.
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRlUxpS9SORjhbDpvAQJfmQf/QkN/TFqaaaxduqprWJBrNjDqQc1cU4Jv 4p27lU9m8UdV3mO5Tsv9pziupn1SiCIrS3gh8m1IlgNRBRypiQWxGvD8d7JpyfEJ qO5U8poz82ct/oZmmQYdGCG5do6gxT8gm2CzTPM8uHd9MiGBXDvZh5Z09M7kUH8/ lTI/JK0gqOcQVjMsSLh7tdcW0bMi9st3QTnta1qHKCSohpHzYe+7yqjBIqiaCl67 dGHdsD3dAhFMLSLrolJaEOMi9WoufXbVxMzFIfdKCLEPxzgZyjMHjQtBWNpZOcNe TOQVSbyJDeBCFXDPHrINcKrEIHzacu/tvTOvvZie9dChpzl17p2WYg== =eeZi -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 24 May 2007, Johannes Berg wrote:
SSH can authentificate Virtual Users against Dovecot? Get the Virtual Home directory etc.pp.
How do you restict Virtual Users with the same systen uid against overwriting other Virtual User's files in S/Ftp?
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRlWsOS9SORjhbDpvAQJ3oAf/Xl7gmt5BMIIUeqM1PyV+TzyDA0Nkzoge CitmckaC+OMX4zhYSpU8MxydUr6JUZrSz0N79RzWNDpcNR7lBruUwWFdxrAQA2uV ccLguac+i83QOAQW6eziAmvhTeW4uKQUDig3MBFE8AF9Y9pW2fWWpch36FVDDqoW 2arxX5Glr1F0g+TJBU5nrjpxO3Eq5lby7fmiJVSubs92Wx7H4yMc80A8jYIBpg/i 7t+zG+RIy/wib0CBGiTE7rL/5DLgN/RtJo0b/cV7V0MG5cimi7o1ermGrALXI/6i 6GU4noRobc4oC9qAzsRpwNPzrEOwlQ6hwcWY2fni0vOOomQNI08ZQw== =K5V/ -----END PGP SIGNATURE-----
Quoting Steffen Kaiser <skdovecot@smail.inf.fh-bonn-rhein-sieg.de>:
I learned the last time this came up that people who can't understand why overloading IMAP with other protocols is bad also can't understand how ssh authentication works or what the difference is between a protocol and an application.
The fact is, 99% of the people who want to add additional protocols to the IMAP protocol just don't care about any alternatives. They want to overload the IMAP protocol and they won't consider any other options.
Trying to explain to them that ssh authentication can handle virtual users is just going to result in being flamed as ignorant. I say this from experience on this list.
-- Eric Rostetter The Department of Physics The University of Texas at Austin
Go Longhorns!
On Thu, 2007-05-24 at 14:53 -0500, Eric Rostetter wrote:
Hm. I guess so. I haven't followed most threads in depth, just threw in a comment here and there...
Which is sad since other protocols can give them so much more flexibility with so much less headwind.
Well, here's to hoping that this misfeature will never make it into anything I end up supporting. Nightmare.
johannes
Frank Cusack wrote:
"It's rumoured to be the most complex Internet Engineering Task Force designed protocol ever..." -- http://en.wikipedia.org/wiki/Application_Configuration_Access_Protocol
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Frank Cusack schrieb:
Hi all, i think sombody would have like to a imap calender solution implemented in dovecot? Am i right here?
You can have simular right now using thunderbird , lightning, kolab plugin, ( should be shown in horde webmail too ) if dovecot/thunderbird has acl in future , you would give acl on that imap folder, so you may have shared calenders and adressbooks with imap as well as private ones, which should be shown up in horde webmail too. This makes thunderbird/horde nearly working same featured than exchange/outlook. For now it isnt perfect , but i use it in small setups. still coding i needed in kolab extensions, horde etc.
Mit freundlichen Gruessen Best Regards
Robert Schetterer
https://www.schetterer.org Munich/Bavaria/Germany -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGVTgUfGH2AvR16oERAlCXAJ9HcHcPVi4BtZIdBPcZAHR4tKcTSwCfW3zt osfNdaMCq7PYQMT3gTSfptM= =QjgI -----END PGP SIGNATURE-----
Hi!
Dovecot is an excellent piece of software. It is fast, compatible, has an enourmous amount of configuration possibilities and just works. I very well understand that software like this is rare -- but by demanding extensions that have nothing to do with what that software (Dovecot in this case) was written for you will just get what most other software is like: unreliable, bloated, underdocumented, incompatible and slow. If you want a calendaring solution, go ahead and look for a calendar server. And please don't try to make the only cool imap server in this world behave strangely and serve calendars... (I also wish there was more software like dovecot...)
best regards, Adi Kriegisch
On Thu, 2007-05-24 at 09:37 +0200, Adi Kriegisch wrote:
I'm using iCal in my OSX Laptop and Evolution in Linux Desktop. Once OSX 10.5 is released with its CalDAV support I'm planning on installing some CalDAV server and probably implement dovecot-auth support for it.
Perhaps some day in future I'll also implement CalDAV, but first I'll need to write a web server. :)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
DINH Viêt Hoà schrieb:
hi @ll i have a customer who uses ical apple with a apache webdav setup , this seems to works nice, but there are a lot of problems with apple mail and imap
Mit freundlichen Gruessen Best Regards
Robert Schetterer
https://www.schetterer.org Munich/Bavaria/Germany -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGVW7ifGH2AvR16oERArhuAKCD1uodo2WL8QBIhEDaMgLgBFot5ACeIL5k fme/+q7iS9wfi0QdiTNxOoQ= =PXfl -----END PGP SIGNATURE-----
On May 24, 2007, at 6:54 AM, Robert Schetterer wrote:
but there are a lot of problems with apple mail and imap
Neither I nor any of our users has discovered any problems using
apple mail (mail.app) in imap mode with dovecot. What sometimes
"appears" to be a problem is the use (or mis-use) of mail.app's "Use
This Mailbox For.." function. You might direct your users to this
link http://superfluousbanter.org/archives/2007/04/setting-up-imap-
in-apple-mail/
BestOfLuck, B. Bodger New York, NY
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Bruce Bodger schrieb:
Hi Bruce , maybe the promblems are fixed now by an apple upgrade, ( i am not very interested in buggy clients) there were never server related and apeared with courier, cyrus, dovecot as you see in the history of apple mail mailinglists it has a long history of bugs with imap, the last one which i was known of was some problems with utf coding and/or pdf attachments after some adobe upgrade in the german version , i never had any problem like this with thunderbird.
Mit freundlichen Gruessen Best Regards
Robert Schetterer
https://www.schetterer.org Munich/Bavaria/Germany -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGVXbFfGH2AvR16oERAogRAJ9nnCint3TmSkRw1Gbyv3GQL9rMngCgilzs ANW8lVElGNFKEn/Bbw93OqY= =XC5F -----END PGP SIGNATURE-----
Robert Schetterer wrote:
Yes - with the ability to ise IMAP as a connection channel you could do anything that Microsoft Exchange does and more. The idea is that you can establish a connection between any server app and any client app. Generally you would want it to be somewhat email related but it's wide open and doesn't have to be. And what's wrong with unlimited functionality?
Keep in mind that one of the reasons people buy Exchange is because Exchange does things that people want. A calendar is one of many examples. But to start with I'm thinking more in terms of controlling server side email settings.
On Thu, May 24, 2007 at 08:50:11AM -0700, Marc Perkel wrote:
Also keep in mind that people dump Exchange because it's slow, complex and buggy, whereas Dovecot is mean and lean.
Remember the old UNIX paradigm -- do one thing and do it well. Dovecot is an IMAP server, and does the job well. A calendaring server is an entirely different beast, and should be seperate from the pop3/imap server, even if only to improve security and reliability.
GeertOn May 24, 2007, at 12:55 PM, Geert Hendrickx wrote:
I agree with you 100%, Geert.
I don't even understand the desire to perform sieving / filtering at
the imap level. From our perspective, that work belongs higher up...
as close to the MTA as possible. Here we use MPP (Message Processing
Platform) http://www.raeinternet.com/ Catches a pipe from Postfix
via lmtp. Has done it's job well for years!
B. Bodger New York, NY
Quoting Marc Perkel <marc@perkel.com>:
Yes, this is correct, and what some people are asking for.
Generally you would want it to be somewhat email related but it's wide open and doesn't have to be.
But managing this becomes more complex as you add more functions and the functions diverge from email in nature.
And what's wrong with unlimited functionality?
Nothing. It is how you get there that matters.
The problem of putting all your eggs in one basket is:
- It doesn't scale well.
- If you lose the basket, you loose all your eggs.
- The basket becomes more complex to program, debug, audit, manage, document, etc.
- The basket _may_ become slower, consume greater resources, etc.
Keep in mind that one of the reasons people buy Exchange is because Exchange does things that people want.
And one of the reasons so many of them complain about Exchange is because it does most of them poorly, is hard to manage and maintain, and if it breaks you lose access to everything, not just to one thing.
For which various protocols already exist...
As already stated, unless this goes through some standards body, it probably won't be widely adopted or used... So IMHO, the place to start would be with trying to define a standard and get support for it, rather than coding non-standards-based code that will only be adopted by a few...
-- Eric Rostetter The Department of Physics The University of Texas at Austin
Go Longhorns!
On 5/24/07, Eric Rostetter <rostetter@mail.utexas.edu> wrote:
choose a minimum set of things to do and implement them correctly. "divide and conquer" paradigm often works well.
-- DINH Viêt Hoà
Yeah it is a great idea. For example with a good plugin which is used in a Webmail environment. Individual clients may submit spam mails to the email server with these imap "extension" and it will create self control against with the users of email server.
2007/5/23, Frank Cusack <fcusack@fcusack.com>:
Marc Perkel wrote:
I believe that the IMAP RFC defines how IMAP servers may implement and advertise additional non-standard capabilities and how to report those in the CAPABILITIES string.
I would strongly recommend that any such solution fit within the RFC definition of these new custom capabilities. This would suggest, for instance, that you would *not* involve both IMAP and SMTP, but that all of your communications with the server would take place via the IMAP protocol stack.
I would also suggest that you might want a method whereby a dovecot plugin could add a new capability, with attendant command syntax, rather than a 'generic' EXECUTE command, so that clients could *absolutely* know (as they do now from the CAPABILITIES string) whether or not the feature they want is supported.
Cheers,
- BrianMarc Perkel, 23.05.2007 (d.m.y):
AFAIK, the "M" in IMAP stands for "Mail", not for "Calendar" or "Schedules".
The connection is made. It's a secure connection that's been authenticated.
You can also use LDAP and/or Kerberos to authenticate your users for other services - e.g. HTTP/WebDAV access to their Calendars, for managing their Sieve filters and so on. Thus, your proposal sounds to me a bit like reinventing the wheel. And I think that what we want is dovecot, not Exchange.
Nevertheless, feel free to give me $500. ;-)
Gruss/Regards, Christian Schmidt
-- Always do right. This will gratify some people and astonish the rest. -- Mark Twain
participants (17)
-
Adi Kriegisch
-
Brian G. Peterson
-
Bruce Bodger
-
Christian Schmidt
-
David Jonas
-
DINH Viêt Hoà
-
Eric Rostetter
-
Frank Cusack
-
funkypunky drunky
-
Geert Hendrickx
-
Johannes Berg
-
Kaz
-
Marc Perkel
-
Rick Romero
-
Robert Schetterer
-
Steffen Kaiser
-
Timo Sirainen