[Dovecot] AuthenticationFailedException: [IN-USE] Couldn't open INBOX: Permission denied
Ben Morrow
ben at morrow.me.uk
Thu May 9 04:47:00 EEST 2013
At 12AM +0000 on 9/05/13 you (Earles, Jill) wrote:
> I've been pouring over the documentation for dovecot, but can't find a
> solution to this problem. I recently took over administration of the
> dovecot email service at the University where I work, and things were
> going smoothly. We've been creating email accounts for use with JIRA,
> a bug reporting/tracking system, and one day recently, when I tried to
> add a new account to JIRA, I got this error returned from dovecot:
>
> "AuthenticationFailedException: [IN-USE] Couldn't open INBOX:
> Permission denied"
This is not a dovecot message: presumably it's from JIRA?
> I got help from Atlassian, the creators of JIRA, and they sent me
> links to some forum posts that said that changing the permissions of
> that user's /var/mail/ directory to 0600 would solve the problem. I
> changed that and no longer got the error.
You say '/var/mail directory' but your dovecot.conf suggests you mean a
file in /var/spool/mail. You need to be clear about which you mean.
Dovecot changes down to the user's uid to access the mail folders, so
assuming the owners are correct either 0600 or 0660 should be fine.
(Which you choose depends on how paranoid you are about users reading
each others' mail, and what the group ownership is.)
> Being satisfied that this was a solution, I created a bunch of new
> email accounts today to replace exchange accounts, and then changed
> the permissions on all the /var/mail/ directories to 0600. Now I'm
> getting that error again, even for pre-existing email addresses,
> including the one that I had previously fixed by changing the
> permissions the same way. I tried changing some of the older accounts
> back to 0660, which is what they had before, and I still get the error
> even after restarting dovecot.
[...]
> # dovecot -n
> # 2.0.9: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.32-131.0.15.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.4 (Santiago)
> auth_debug = yes
> auth_debug_passwords = yes
Careful with this. You end up with passwords in the logs.
[...]
> Here's an except of the maillog from a recent attempt:
[...]
>
> May 8 17:46:49 moose dovecot: pop3(lib.sysadmin): Error:
> stat(/var/spool/mail/lib.sysadmin) failed: Permission denied
This is interesting: normally stat only fails if the permissions on the
directory (that is, /var/spool/mail itself) are wrong. Check you haven't
changed them by mistake.
> May 8 17:46:50 moose dovecot: auth: Debug: client in:
> AUTH#0111#011PLAIN#011service=pop3#011lip={ip removed}#011rip={ip
> removed}#011lport=110#011rport=64420#011resp=XXXXXXXXXXXXXXXXXXXX
See? You've just posted the password for 'bvauw.relais'. Change it, now.
Ben
More information about the dovecot
mailing list