[Dovecot] LDA without lookup as non-root?

E.B. emailbuilder88 at yahoo.com
Sat Oct 20 22:17:12 EEST 2012


> 1) If LDA is invoked without lookups, is it correct to assume that the
> "service auth" and "service auth-worker" can be completely removed from
> dovecot master configuration? (I have tried commenting them out and
> logging into IMAP, which seems to work, not sure if anyone else needs
> the auth service)

Any confirmation on this?

> 2) If LDA is invoked without lookups, will I be unable to use Dovecot
> quota plugin? Does it need to have a user lookup to get quota info?
> (haven't added quota support, need to take this one step at a time)

I'm especially interested if someone can comment on this, since maybe it makes my efforts here wasted.

> 3) The interesting part -- I am invoking LDA from Maildrop. See:
> http://thread.gmane.org/gmane.mail.imap.dovecot/65473
> So when invoked, Maildrop has already dropped to the destination UID/GID
> and the needed paths are available in the environment. However, using
> as many permutations of calling LDA as I can think of (based on
> http://wiki2.dovecot.org/LDA ), I always get this:
>
> (command line usage error. Command output: lda: Fatal: Couldn't lookup our username (uid=2500) )

I could not find anything in the mailing list archives to help me, but I googled and found a link to a source file:

http://hg.dovecot.org/dovecot-sieve-1.1/raw-rev/7d85833eff96

I read the source; it looks like it's not exactly a userdb lookup - LDA is trying to get the unix username for the given UID. In my case, UIDs are "virtual" so there isn't a unix username. The source doesn't really use the username that it looks up except in a call "open_logfile."

Is it possible to avoid this problem? It looks like the answer is no, I have to use -d which also forces a userdb lookup. Maybe this limitation can be removed in the future? Now I suppose I have to go understand the problems of userdb lookup permissions, but I think there are solutions for that.

Do I have the right understanding?

> The UID is correct for the target user. If I add "-d $LOGNAME" to my LDA
> callout, I get permission denied on the userdb lookup, which I guess is
> another issue to work out if I want to go with lookups. But right now I
> am trying not to. Why does LDA seem to try for a lookup even when I
> follow the wiki instructions how to call it without a lookup?
>
> 3.5) Related question, my users have separate homedir and maildir, both
> paths are looked up by Maildrop. I think I need to call LDA with
> "HOME=$DEFAULT dovecot-lda -f $FROM". Is this correct?
> 
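
The "Couldn't lookup our username" failure in the message above is what a passwd lookup by UID produces when the UID has no entry, as with virtual UIDs. The following is an added example, not Dovecot source and not part of the original post: it does the UID-to-name lookup with getpwuid_r and falls back to the numeric UID for log labelling instead of aborting. The function names uid_to_logname and find_unmapped_uid are hypothetical.

```c
/* Added example: not Dovecot code. Function names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolve a UID to a name usable as a log label.
 * Returns 0 if a passwd entry exists, 1 if there is none (name is then
 * the decimal UID), -1 on a real lookup or allocation error. */
int uid_to_logname(uid_t uid, char *name, size_t name_len)
{
    struct passwd pw, *result = NULL;
    size_t buf_len = 1024;
    char *buf = NULL, *tmp;
    int ret;

    do {
        if ((tmp = realloc(buf, buf_len)) == NULL) { free(buf); return -1; }
        buf = tmp;
        ret = getpwuid_r(uid, &pw, buf, buf_len, &result);
        buf_len *= 2;              /* ERANGE: entry did not fit, retry */
    } while (ret == ERANGE);

    if (result != NULL) {
        snprintf(name, name_len, "%s", pw.pw_name);
        free(buf);
        return 0;
    }
    free(buf);
    /* "No such user" is ret == 0, or one of these codes on some libcs. */
    if (ret != 0 && ret != ENOENT && ret != ESRCH && ret != EBADF && ret != EPERM)
        return -1;
    snprintf(name, name_len, "%lu", (unsigned long)uid);
    return 1;
}

/* Demo helper: find a UID with no passwd entry on this host. */
uid_t find_unmapped_uid(void)
{
    char name[32];
    for (uid_t uid = 65000; uid > 60000; uid--)
        if (uid_to_logname(uid, name, sizeof(name)) == 1)
            return uid;
    return (uid_t)-1;
}
```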