"Sender:" and "Return-path:" wrong when sent from roundcube

[ncpnc]

Hello there.

Please help me with this annoying problem
I'm using virtual mail system based on http://struction.de/projects/HOWTO_VirtualMail_Exim-MySQL-Spamassassin-ClamAV-Dovecot/?set_style=clean
Roundcube works OK, but headers look somehow like this when I send emails from roundcube (wrong "Return-path" and "Sender:"):

Code: [Select]

Return-path: <&quot;catch@kkip.pl&quot;@kkip.pl>
Envelope-to: [email]admin@kkip.pl[/email]
Delivery-date: Fri, 18 May 2007 11:00:22 +0200
Received: from localhost.kkip.pl ([127.0.0.1] helo=localhost)
by kkip.pl with esmtpsa (TLSv1:AES256-SHA:256)
(Exim 4.67 (FreeBSD))
(envelope-from <&quot;catch@kkip.pl&quot;@kkip.pl>)
id 1HoyJj-000Lv7-Ne
for [email]admin@kkip.pl[/email]; Fri, 18 May 2007 11:00:22 +0200
MIME-Version: 1.0
Date: Fri, 18 May 2007 11:00:07 +0200
From: <catch@kkip.pl>
To: [email]admin@kkip.pl[/email]
Message-ID: <da3941c848010e77302fff48c8bd2afc@kkip.pl>
X-Sender: [email]catch@kkip.pl[/email]
User-Agent: RoundCube Webmail/0.1b
Content-Type: multipart/alternative;
boundary=&quot;=_49398a61b87075d2c5c0c6a84fff7778&quot;
Sender: &quot;catch@kkip.pl&quot;@kkip.pl
X-Authenticated-User: [email]catch@kkip.pl[/email]

And here's my config:

Code: [Select]


/*
 +-----------------------------------------------------------------------+
 | Main configuration file                        |
 |                                    |
 | This file is part of the RoundCube Webmail client           |
 | Copyright (C) 2005, RoundCube Dev. - Switzerland           |
 | Licensed under the GNU GPL                      |
 |                                    |
 +-----------------------------------------------------------------------+

*/

$rcmail_config = array();


// system error reporting: 1 = log; 2 = report (not implemented yet), 4 = show, 8 = trace
$rcmail_config['debug_level'] = 1;

// enable caching of messages and mailbox data in the local database.
// this is recommended if the IMAP server does not run on the same machine
$rcmail_config['enable_caching'] = FALSE;

// lifetime of message cache
// possible units: s, m, h, d, w
$rcmail_config['message_cache_lifetime'] = '10d';

// automatically create a new RoundCube user when log-in the first time.
// a new user will be created once the IMAP login succeeds.
// set to false if only registered users can use this service
$rcmail_config['auto_create_user'] = TRUE;

// the mail host chosen to perform the log-in
// leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// To use SSL connection, enter ssl://hostname:993
// $rcmail_config['default_host'] = 'localhost';
$rcmail_config['default_host'] = array('poczta.kkip.pl' => 'Kancelaria Kuchta i Partnerzy',
                    'poczta.auxilia.pl' => 'Auxilia Spolka Z O.O.');
// TCP port used for IMAP connections
$rcmail_config['default_port'] = 143;

// Automatically add this domain to user names for login
// Only for IMAP servers that require full e-mail addresses for login
// Specify an array with 'host' => 'domain' values to support multiple hosts
$rcmail_config['username_domain'] = array('poczta.kkip.pl' => 'kkip.pl',
                     'poczta.auxilia.pl' => 'auxilia.pl');

// This domain will be used to form e-mail addresses of new users
// Specify an array with 'host' => 'domain' values to support multiple hosts
$rcmail_config['mail_domain'] = '';
//$rcmail_config['mail_domain'] = array('poczta.kkip.pl' => 'kkip.pl',
//                     'poczta.auxilia.pl' => 'auxilia.pl');

// Path to a virtuser table file to resolve user names and e-mail addresses
$rcmail_config['virtuser_file'] = '';

// Query to resolve user names and e-mail addresses from the database
// %u will be replaced with the current username for login.
// The query should select the user's e-mail address as first col
$rcmail_config['virtuser_query'] = '';

//$rcmail_config['virtuser_query'] = "SELECT email_address FROM database.table WHERE login = '%u'";
// use this host for sending mails.
// to use SSL connection, set ssl://smtp.host.com
// if left blank, the PHP mail() function is used
$rcmail_config['smtp_server'] = 'ssl://localhost';

// SMTP port (default is 25; 465 for SSL)
$rcmail_config['smtp_port'] = 465;

// SMTP username (if required) if you use %u as the username RoundCube
// will use the current username for login
$rcmail_config['smtp_user'] = '%u';

// SMTP password (if required) if you use %p as the password RoundCube
// will use the current user's password for login
$rcmail_config['smtp_pass'] = '%p';

// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
// best server supported one)
$rcmail_config['smtp_auth_type'] = '';

// Log sent messages
$rcmail_config['smtp_log'] = TRUE;

// these cols are shown in the message list
// available cols are: subject, from, to, cc, replyto, date, size, encoding
$rcmail_config['list_cols'] = array('subject', 'from', 'date', 'size');

// relative path to the skin folder
$rcmail_config['skin_path'] = 'skins/default/';

// use this folder to store temp files (must be writebale for apache user)
$rcmail_config['temp_dir'] = 'temp/';

// use this folder to store log files (must be writebale for apache user)
$rcmail_config['log_dir'] = 'logs/';

// session lifetime in minutes
$rcmail_config['session_lifetime'] = 10;

// check client IP in session athorization
$rcmail_config['ip_check'] = TRUE;

// this key is used to encrypt the users imap password which is stored
// in the session record (and the client cookie if remember password is enabled).
// please provide a string of exactly 24 chars.
$rcmail_config['des_key'] = 'rcmail-!24ByteDESkey*Str';

// the default locale setting
$rcmail_config['locale_string'] = 'pl';

// use this format for short date display
$rcmail_config['date_short'] = 'D H:i';

// use this format for detailed date/time formatting
$rcmail_config['date_long'] = 'd.m.Y H:i';

// use this format for today's date display
$rcmail_config['date_today'] = 'H:i';

// add this user-agent to message headers when sending
$rcmail_config['useragent'] = 'RoundCube Webmail/0.1b';

// use this name to compose page titles
$rcmail_config['product_name'] = 'RoundCube Webmail';

// only list folders within this path
$rcmail_config['imap_root'] = '';

// store draft message is this mailbox
// leave blank if draft messages should not be stored
$rcmail_config['drafts_mbox'] = 'Drafts';

// store spam messages in this mailbox
$rcmail_config['junk_mbox'] = 'Junk';

// store sent message is this mailbox
// leave blank if sent messages should not be stored
$rcmail_config['sent_mbox'] = 'Sent';

// move messages to this folder when deleting them
// leave blank if they should be deleted directly
$rcmail_config['trash_mbox'] = 'Trash';

// display these folders separately in the mailbox list.
// these folders will automatically be created if they do not exist
$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');

// protect the default folders from renames, deletes, and subscription changes
$rcmail_config['protect_default_folders'] = TRUE;

// Set TRUE if deleted messages should not be displayed
// This will make the application run slower
$rcmail_config['skip_deleted'] = FALSE;

// Set true to Mark deleted messages as read as well as deleted
// False means that a message's read status is not affected by marking it as deleted
$rcmail_config['read_when_deleted'] = TRUE;

// When a Trash folder is not present and a message is deleted, flag
// the message for deletion rather than deleting it immediately. Setting this to
// false causes deleted messages to be permanantly removed if there is no Trash folder
$rcmail_config['flag_for_deletion'] = TRUE;

// Make use of the built-in spell checker. It is based on GoogieSpell.
$rcmail_config['enable_spellcheck'] = TRUE;

// For a locally installed spellcheker, specify the URI to call it, for example:
// '[url]http://'[/url] . $_SERVER['HTTP_HOST'] . '/spellchecker.php?lang='
// Leave empty to use the Google spell checking service, what means
// that the message content will be sent to Google in order to check spelling
$rcmail_config['spellcheck_uri'] = '';

// These languages can be selected for spell checking.
// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
// Leave empty for default set of Google spell check languages
$rcmail_config['spellcheck_languages'] = 'pl';

// path to a text file which will be added to each sent message
// paths are relative to the RoundCube root folder
$rcmail_config['generic_message_footer'] = '';

// this string is used as a delimiter for message headers when sending
// leave empty for auto-detection
$rcmail_config['mail_header_delimiter'] = NULL;

// in order to enable public ldap search, create a config array
// like the Verisign example below. if you would like to test,
// simply uncomment the Verisign example.
/**
 * example config for Verisign directory
 *
 * $rcmail_config['ldap_public']['Verisign'] = array('hosts'     => array('directory.verisign.com'),
 *                          'port'     => 389,
 *                          'base_dn'    => '',
 *                          'search_fields' => array('Email' => 'mail', 'Name' => 'cn'),
 *                          'name_field'  => 'cn',
 *                          'mail_field'  => 'mail',
 *                          'scope'     => 'sub',
 *                          'fuzzy_search' => 0);
 */

// don't allow these settings to be overriden by the user
$rcmail_config['dont_override'] = array();

// list of configuration option names that need to be available in Javascript.
$rcmail_config['javascript_config'] = array('read_when_deleted', 'flag_for_deletion');

// try to load host-specific configuration
$rcmail_config['include_host_config'] = FALSE;


/***** these settings can be overwritten by user's preferences *****/

// show up to X items in list view
$rcmail_config['pagesize'] = 40;
// use this timezone to display date/time
$rcmail_config['timezone'] = 1;

// daylight savings are On
$rcmail_config['dst_active'] = TRUE;

// prefer displaying HTML messages
$rcmail_config['prefer_html'] = TRUE;

// compose html formatted messages by default
$rcmail_config['htmleditor'] = TRUE;

// show pretty dates as standard
$rcmail_config['prettydate'] = TRUE;

// default sort col
$rcmail_config['message_sort_col'] = 'date';

// default sort order
$rcmail_config['message_sort_order'] = 'DESC';

// save compose message every 300 seconds (5min)
$rcmail_config['draft_autosave'] = 300;

// default setting if preview pane is enabled
$rcmail_config['preview_pane'] = FALSE;

// end of config file
?>

Mail system is based on exim, dovecot, mysql5 and roundcube, and is virtual of course.
I'm not sure if I need virtuser query or not, and how to make a query, if login is a valid email address, and database includes username and domain in different columns (no column including separate email address). Note that both host used are localhost in fact.
All headers are correct when I send emails by IMAP client like Outlook or Thunderbird, where's the configuration trick with Roundcube?

Please help
Cheers

[ncpnc]

Anyone ;(?

[ncpnc]

Really no one knows where's the problem located :/?

[zakaria1993]

The issue its with EXIM mail server yet, for quick resolve from Roundcube side, you can empty SMTP user and password field so the email to be accepted then sent in acl_check_rcpt: without SMTP " control = submission " header which is apparently by standards modifies the existing headers in order to make it compliant and its expecting username format to be sent with %n flag i.e. local part only and adds qualify domain automatically, while its sent in %u format and the following hack works without any issues given the user is already authenticated via Roundcube login session but will raise issues to emails sent between local users, and in some instances they can bypass authentication and the second method resolves such issue.

In config/config.inc.php I set the following with empty strings and it should work.

$config['smtp_pass'] = '';
$config['smtp_user'] = '';

The preferred, its this second solution, that is to rearrange the order of acl_check_rcpt: tests in /usr/exim/configure file, by making sure the following is placed:-

Code: [Select]

  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
  # testing for an empty sending host field.

  accept  hosts = :
          control = dkim_disable_verify
          control = dmarc_disable_verify
          control = dmarc_enable_forensic

  # Accept if the message arrived over an authenticated connection, from
  # any host. Again, these messages are usually from MUAs, so recipient
  # verification is omitted, and submission mode is set. And again, we do this
  # check before any black list tests.

  accept  authenticated = *
          control       = dkim_disable_verify
          control       = dmarc_disable_verify
          control       = dmarc_enable_forensic

At least before the following in order to avoid control = submission enforcement:-

Code: [Select]

  # Accept if the message comes from one of the hosts for which we are an
  # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
  # so we set control=submission to make Exim treat the message as a
  # submission. It will fix up various errors in the message, for example, the
  # lack of a Date: header line. If you are actually relaying out out from
  # MTAs, you may want to disable this. If you are handling both relaying from
  # MTAs and submissions from MUAs you should probably split them into two
  # lists, and handle them differently.

  # Recipient verification is omitted here, because in many cases the clients
  # are dumb MUAs that don't cope well with SMTP error responses. If you are
  # actually relaying out from MTAs, you should probably add recipient
  # verification here.

  # Note that, by putting this test before any DNS black list checks, you will
  # always accept from these hosts, even if they end up on a black list. The
  # assumption is that they are your friends, and if they get onto a black
  # list, it is a mistake.

  accept  hosts         = +relay_from_hosts
          control       = submission
          control       = dkim_disable_verify
          control       = dmarc_disable_verify
          control       = dmarc_enable_forensic

I know this is a very old post, but I came across and if the answer was here, it would've saved me a whole day researching. I hope it to be useful to someone one day like today :0