LDA ignores virtual mailbox settings

Toni Mueller support at oeko.net
Sun Dec 27 18:19:35 EET 2020


Hi,

I have a Debian/Buster system with Postfix and Dovecot from the Debian
repo, and with virtual users only (i.e., no system users). These virtual
users have all of their uids, gids, homes and mail quota in a
PostgreSQL database. The intent is to have Postfix deliver the email via
Dovecot's LDA, so I can set quota on a per-user basis.

But for some odd reason, Dovecot's LDA can't find the user data from the
userdb, and then complains about not being able to write to /var/mail.
The following example shows how things fail when delivering a message
from Postfix's queue (therefore, the passdb failure is expected):

In /etc/dovecot.conf, I have this, amongst other things:


mail_location = maildir:~/Maildir:INBOX=~/Maildir
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = prefetch
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
protocol lda {
  mail_plugins = autocreate quota mail_log trash virtual notify
}




16:04:16 postfix/qmgr[4970]: 8CD6CE072E: from=<user at example.com>, size=880, nrcpt=1 (queue active)
16:04:16 dovecot: auth: Debug: master in: USER#0111#011user at example.com#011service=lda
16:04:16 dovecot: auth: Debug: prefetch(user at example.com): passdb didn't return userdb entries, trying the next userdb
16:04:16 dovecot: auth: Debug: sql(user at example.com): SELECT '/path-to-mailboxen/' || virtual_users.home AS home, uid , gid , quota as quota_rule FROM virtual_users WHERE email = 'user at example.com' AND status = 'A'
16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user at example.com#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345#011quota_rule=*:storage=0

^^^^^^^^^^^^^^^^^^^^^^

This shows that the database lookup works. The intended effect should be
that the message is delivered to

/path-to-mailboxen/example.com/user/Maildir/new


16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: setegid(privileged) failed: Operation not permitted
16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)

^^^^^^^^^^^^^^^^^^^^^^

And this shows that dovecot-lda just ignores the result.


16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: msgid=<20201226224933.014608 at laptop.example.com>: save failed to open mailbox INBOX: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
16:04:16 postfix/pipe[5284]: 8CD6CE072E: to=<user at example.com>, orig_to=<userA at example2.com>, relay=dovecot, delay=62083, delays=62083/0.04/0/0.04, dsn=4.3.0, status=deferred (temporary failure)


In /etc/postfix/master.cf, I have this to call it:

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=_mailbox argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -a ${recipient}


I've tried strace-ing dovecot-lda, but it didn't really help me to
understand why it discards the result of the userdb lookup.


Can anyone please provide a cluebat, please?



Thanks,
Toni
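
Added example (not part of the original post, and not Dovecot code): a small Python check that decodes the syslog-escaped "userdb out" reply and compares it with the path and ids in the LDA error. On the lines quoted above it reports that the uid/gid from the lookup were applied while the opened path lies outside the returned home. The function names and the shortened sample lines are constructed for this example.

```python
import re
from pathlib import PurePosixPath

# Constructed sample: two of the post's log lines, shortened, with the
# archive's "user at example.com" written back as an address.
SAMPLE_LOG = (
    "16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user@example.com"
    "#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345"
    "#011quota_rule=*:storage=0\n"
    "16:04:16 dovecot: lda(user@example.com)<5291><DDxB>: Error: Mailbox INBOX: "
    "open(/var/mail/user@example.com) failed: Permission denied "
    "(euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail)\n"
)

LDA_OPEN_ERR = re.compile(
    r"lda\((?P<user>[^)]+)\).*?open\((?P<path>/[^)]*)\) failed: "
    r".*?euid=(?P<euid>\d+).*?egid=(?P<egid>\d+)"
)

def parse_userdb_out(line):
    """Decode a 'userdb out' debug line into (user, {field: value})."""
    payload = line.split("userdb out: ", 1)[1].strip()
    # syslog writes the protocol's TAB separators as the octal escape "#011"
    parts = payload.replace("#011", "\t").split("\t")
    # parts = ["USER", request id, user, "key=value", ...]
    return parts[2], dict(p.split("=", 1) for p in parts[3:] if "=" in p)

def check_delivery(log_text):
    """Compare each LDA open() failure with the userdb reply for that user."""
    replies, findings = {}, []
    for line in log_text.splitlines():
        if "userdb out: USER" in line:
            user, fields = parse_userdb_out(line)
            replies[user] = fields
            continue
        m = LDA_OPEN_ERR.search(line)
        if not m or "home" not in replies.get(m["user"], {}):
            continue
        fields = replies[m["user"]]
        home, path = PurePosixPath(fields["home"]), PurePosixPath(m["path"])
        findings.append({
            "user": m["user"],
            "opened": str(path),
            "under_home": path == home or home in path.parents,
            "ids_applied": (m["euid"], m["egid"]) == (fields.get("uid"), fields.get("gid")),
        })
    return findings
```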


