Checking mails/addressbook/calendars with IMAPS (Dovecot) + DAV (ownCloud)

As a followup to my article Replicating IMAPs (dovecot) mails folders and sharing (through ownCloud) contacts (kmail, roundcube, etc),  I’d like to point out that, these days, I almost completely dropped Kmail (only use it on a laptop, mostly because I do not use the laptop frequently enough to bother) and switched to Thunderbird.

Using Thunderbird enables me to use cool Firefox modules like S3.Google Translator (note that Kmail also has a similar functionality) and works decently with modules Lightning and Inverse Sogo Connector for proper CardDav and CalDav handling. I went away from Kmail due to still existing akonadi issues after so many years and the fact I was still forced to run ‘qdbus org.kde.kded /modules/networkstatus setNetworkStatus ntrack 4’ after suspend for it to notice network is on. In general, I do not think KDE people are going in a direction that makes sense for me and Kmail was almost the last piece of KDE I was still using (since they more or less killed Konqueror themselves). I still enjoy Dolphin though, especially for the group results and filter bar.

Regarding Roundcube, CardDav is nicely handled by RCMCardDav even though it requires a bit a work to properly deal with dependencies.

Advertisements

Importing CardDav (ownCloud) contacts into (SquirrelMail) .abook

I’m still using SquirrelMail, even though it looks a bit old. It’s robust and just works – and when I’m using a webmail, that’s mandatory.

SquirrelMail does not use CardDav but some sort of .abook format (that I hope is the same abook as mutt).

I just wrote carddav2abook.pl, a wrapper that requires an ~/.carddav2abookrc with the following:

carddav = https://HOST/remote.php/carddav/addressbooks/USER/contacts_shared_by_USER?export
user = USER
password = PASSWORD
abook = /var/lib/squirrelmail/data/USER.abook
wget_args = --no-check-certificate

 

As you notice, I’m using a specific export account that has been given only read access to this file. Otherwise the CardDav url would not include the _shared_by_USER part.

I configured it to directly write .abook in SquirrelMail data directly. Obviously, it means you need to adjust read write access for the relevant user (or use www-data, but I would not recommend to store password in an rcfile given to this user).

Once it works, just put up a cronjob (with 2>/dev/null since the perl vCard module tends to print some garbage).

(carddav2abook.pl is part of my -utils-webmail package).

Synchronizing your (Roundcube) webmail and (KDE) desktop with a (Android) phone

So I finally got an Android-based phone. I thought waiting for Ubuntu/Firefox stuff to be released but my current one (Bada-based: never ever) died.

First, I learned that actually you need to lock your phone with a Google account for life. It just confirmed that the sane proper first steps with this is too remove anything linked to Google.

First place to go is to F-Droid. From there, instead of getting tons of shitty freeware from Google Play/Apps/whatever, you get Free Software, as in freedom even though I like free beer.

Using ownCloud? From F-Droid, get DavDroid. Yes, that works perfectly and is easy to set up, unlike the Dav-related crap on Google Apps. The only thing you have to take care of, if your SSL certificate (trendy topic theses days) is self signed, is to make a certificate the specific way Android accepts them. For now, they recommends to do it like:

#http://vimeo.com/89205175

KEY=fqdn.servername.net

openssl req -new -x509 -days 3550 -nodes -out $KEY.pem -keyout $KEY.key
openssl x509 -in $KEY.pem -outform der -out $KEY.crt

Apart from that, everything is straight-forward. You just add your IMAPS, CalDav and CardDav info like you did with KDE and Roundcube. And can obviously also use mozilla sync through your ownCloud.

 

Update: As described in this recent post, it’s best to use options -newkey rsa:4096 -sha512.

Replicating IMAPs (dovecot) mails folders and sharing (through ownCloud) contacts (kmail, roundcube, etc)

dual IMAPs servers:

Having your own server handling your mails is enabling -you can implement anti-spam policies harsh enough to be incredibly effective, place catch-alls temporary addresses, etc. It does not even require much maintainance these days, it just takes a little time to set it up.

One drawback, though, is the fact if your host is down, or simply its link, then you are virtually unreachable. So you want a backup server. The straightforward solution is to have a backup that will simply forward everything to the main server as soon as possible. But having a backup server that is a replica of the main server allows you to use one or the other indifferently, and definitely have always one up at hand.

In my case, I run exim along with dovecot.  So once exim setup is replicated,  it’s only a matter of making sure to have proper dovecot setup (in my case mail_location = maildir:~/.Maildir:LAYOUT=fs:INBOX=~/.Maildir/INBOX
and mail_privileged_group =   mail  set in /etc/dovecot/conf.d/10-mail.conf along with ssl = required in /etc/dovecot/conf.d/10-ssl.conf  – you obviously need to create a certificate for IMAPs, named as described in said 10-ssl.conf but that’s not the topic here, you can use only IMAP if you wish).

Then, for each user account (assuming we’re talking about a low number), it’s as simple as making sure SSH access with no passphrase can be achieved from one of the hosts to the other and adding a cronjob like:

# */2 * * * *     user   dsync -f mirror secondary.domain.net 2> /dev/null
*/2 * * * *     user   isync --all --create-remote --quiet 2>/dev/null
*/2 * * * *     user   mbsync --all --quiet 2>/dev/null
*/2 * * * *     user   pgrep -x "offlineimap" -u user > /dev/null || offlineimap -u quiet >/dev/null 2>/dev/null

offlineimap requires a ~/.offlineimaprc such as:

[general]
accounts = mx

[Account mx]
localrepository = mx1
remoterepository = mx2
autorefresh = 2

[Repository mx1]
type = Maildir
localfolders = ~/Maildir

[Repository mx2]
type = IMAP
ipv6 = False
preauthtunnel = ssh -q secondary.domain.net '/usr/lib/dovecot/imap'

The first run may be a bit slow but it goes very fast afterward (I do have a strict expire policy though, it probably helps). This isdone the the primitive  way, recent version of dovecot (ie: not yet in Debian stable) provides plugins to do it.

You may as well install unison on both server and synchronize things like ~/.procmailrc, /etc/aliases or whatever, for instance:

8 */2 * * *	user	unison -batch -auto -silent -log=false ~/.procmailrc ssh://secondary.domain.net//home/user/.procmailrc 2> /dev/null

Once you checked that you can properly login on both IMAPs, it’s just a matter of configuring your mail clients.

and many mail clients:

I use roundcube webmail whenever I have no access to a decent system with a proper mail client (kmail, gnus, etc) configured. With two IMAPs servers, there’s no benefit of not having the same webmail setup on both.

The only annoying thing is not to have common address book. It’s possible to replicate the roundcube database but it’s even better to have a cloud to share the address book with any client, not doing some rouncube-specific crap. So I went for the option of installing ownCloud on one of the hosts (so far I’ve not decided yet if there is a point in replicating also the cloud, seems a bit overkill to replicate data that is already some sort of backup or replica), pretty straight-forward since I already have nginx and php-fcgi running. And then if was just a matter of pluging roundcube in ownCloud through CardDav.

Once done, you may just want to also plug your ownCloud calendar/addressbook in KDE etc, so all your mail clients will share the same address book (yeah!). Completely unrelated, add mozilla_sync to your ownCloud is worth it too.

The only thing so far that miss is the replication of your own identities – I haven’t found anything clear about that but havent looked into it seriously. I guess it’s possible to put ~/.kde/share/config/emailidentities on the cloud or use it to extract identities vcard but I’m not sure a dirty hack is worth it. It’s a pity that identities are not part of the addressbook.

(The alternative I was contemplating before was to use kolab; I needed ownCloud for other matters so I went for this option but I keep kolab in mind nonetheless)

Update 1: Stop using dsync that is tremendously unreliable as of today, use isync instead.

Update 2: Switch to mbsync, since isync was a wrapper that mbsync author recommends not to use anymore.

Update 3: Switch to offlineimap because I do not understand mbsync behavior, ignoring INBOX, etc. I cannot find a way to configure it so it works.