LMTP BUG
Peter Hodur
petehodur at gmail.com
Fri Dec 12 04:04:48 UTC 2014
Hello,
just setting up mail hub with Postfix & Dovecot I have found BUG in LMTP
implementation.
* assumptions
- latest stable Postix & Dovecot,
- Postfix delivers via Dovecot LMTP (virtual_transport = lmtp:127.0.0.1:24),
- Dovecot userdb & passwd lookups are made via custom checkpassword
interface,
- each user (email account) has different UID/GID
* description
LMTP process must run as root to be able to deliver msgs to each user. It
drops privileges temporarily when delivering and then restoring effective
UID/GID to root (saved one).
The problem is, when an attempt with more than ONE recipients is made. More
than one recipient within single session.
It seems, that Dovecot LMTP restores root privileges not between each
recipient delivery attempt but after whole transaction.
The only solution is throttle Postfix to send single message with multiple
recipients as many small transactions - all with only ONE rcpt.
lmtp_destination_recipient_limit=1
makes this magic.
Otherwise you can find:
Dec 12 03:30:36 vm dovecot: lmtp(3580, info at xxx.com): Fatal: setgid(48672
from userdb lookup) failed with euid=33001, gid=43570, egid=43570:
Operation not permitted (This binary should probably be called with process
group set to 4867
2 instead of 43570)
Can someone confirm that this is an error/bug?
Thanks
Pete
More information about the dovecot
mailing list