[Dovecot] deliver is ignoring mail_access_groups

Peter dovecot at peter-b.org
Sun Nov 15 14:59:38 EET 2009 

Ubuntu 8.04LTS

Dovecot 1.2.6

Postfix 2.5.1

 

I'm using dovecot imap/deliver in an environment where I don't want users
with shell access to reach their mail folders (partly to do with IMAP ACLs
requiring open group permissions and partly to do with not wanting users to
mess their mail folders / sieve configs up).

 

I specifically don't want to switch to a "single dovecot user" style
installation.

 

Current config:

 

mail_location = maildir:/home/mail/%d/%n/Maildir

mail_privileged_group = mail

mail_access_groups = maildir

 

drwxrws--- 3 nobody maildir     21 2009-11-15 10:52 /home/mail

drwxrws--- 4 nobody adomain.com 30 2009-11-15 12:12 /home/mail/adomain.com/

drwxrws--- 3 auser  adomain.com 20 2009-11-15 10:52
/home/mail/adomain.com/auser

drwxrws--- 3 auser  adomain.com 20 2009-11-15 10:52
/home/mail/adomain.com/auser/Maildir

 

And so on...

 

As expected IMAP and Managesieve work perfectly, but  deliver fails:

 

Nov 15 12:48:26 s15364807 dovecot: deliver(auser at adomain.com): sieve:
stat(/home/mail/adomain.com/auser/.dovecot.sieve) failed: Permission denied
(using global script path in stead)

Nov 15 12:28:06 s15364807 dovecot: deliver(auser at adomain.com):
stat(/home/mail/adomain.com/auser/Maildir) failed: Permission denied

Nov 15 12:28:06 s15364807 dovecot: deliver(auser at adomain.com):
stat(/home/mail/adomain.com/auser/Maildir/tmp) failed: Permission denied
(euid=1002(auser) egid=1001(adomain.com) missing +x perm: /home/mail)

Nov 15 12:28:06 s15364807 dovecot: deliver(auser at adomain.com):
msgid=<20091115122806.79A0F80034F at servername.com>: save failed to INBOX:
Internal error occurred. Refer to server log for more information.
[2009-11-15 12:28:06]

 

Opening the permissions on /home/mail (6771) allows deliver to succeed
suggesting that mail_access_groups is being ignored by deliver.

 

As a work-around I can set /home/mail to 6771 but this is not ideal as
anyone somehow guessing the directory structure could access mail of another
user in the same group regardless of IMAP acl settings. Yes, I can severely
obfuscate it but it's not secure.

 

I've spent about half a day trying to figure this out, I'm assuming at this
point that either I'm missing something obvious or something else is wrong.
Any ideas?

 

Peter.

More information about the dovecot mailing list