-----Original Message----- From: Ben Morrow Sent: Monday, December 31, 2012 8:52 PM To: Dovecot Mailing List Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.
At 5PM -0600 on 31/12/12 you (Torpey List) wrote:
Sendmail 8.14.4 dovecot 2.0.9
I have sendmail working and it is sending mail to /var/mail/%u. I have dovecot working in that I can move emails into IMAP folders and I can send email through IMAP. I have set up dovecot to use mdbox based on the following: mail_location = mdbox:~/mail
However, I seem to be lacking a key piece of information. Sendmail is sending the mail to /var/mail/%u as a mbox (single file for all emails) format. Dovecot wants to read the mail in mdbox (Multiple messages per file, but unlike mbox multiple files per mailbox.) So the two programs are not working together.
So, I cannot get dovecot to read new emails at /var/mail/%u. So I tried changing to the following: mail_location = mdbox:~/mail:INBOX=/var/mail/%u However, dovecot complains that it is NOT a directory. That is because sendmail is sending as mbox format.
I have tried two lines of “mail_location” but that did not work. example mail_location = mdbox:~/mail ----> for dovecot mail_location = mbox:INBOX=/var/mail/%u -----> for sendmail
No, that doesn't work: in fact, the second line will completely override the first. If you run 'doveconf -n' or 'doveconf mail_location' you will see that the first line doesn't have any effect.
I did not expect it to work, but I was trying all that I could before posting a question.
If you want to keep INBOX delivery to mboxes in /var/mail, you can do this using two namespaces. One points to mdbox:~/mail, and holds the users' ordinary IMAP folders in mdbox format, and the other has INBOX=/var/mail/%u and just holds the INBOX. There is an example in http://wiki2.dovecot.org/Namespaces of doing this with Maildir and mbox; adjusting it for mdbox shouldn't be hard.
You will find you need a directory for each user to hold the other folders in the INBOX namespace, since Dovecot doesn't know there won't ever be any. This directory is also used to store Dovecot's index files for that namespace, and it should *not* be the same as the mdbox directory. According to http://wiki2.dovecot.org/MailLocation/mbox , you can skip this if you use
location = mbox:/var/empty:INBOX=/var/mail/%u:INDEX=MEMORY
(assuming /var/empty is a readonly root-owned empty directory), but since this tells Dovecot not to store index files on disk it may make INBOX access less efficient. If you use a real directory rather than /var/empty you may want to consider enabling the acl plugin and setting up a global ACL which prevents users from creating additional folders in the INBOX namespace.
It's probably also a good idea to set mail_location = mdbox:~/mail and omit the location parameter from the mdbox namespace, since IIRC otherwise commands like 'doveadm purge' won't work correctly.
I am going to try an option below.
I have tried LMTP and dovecot-lda.
If you want to deliver mail into the mdbox INBOX, and forget about /var/mail altogether, you will need to get one of these two working since Sendmail doesn't understand mdbox. This is probably the best option in the long run, unless you have other software which relies on mail being in /var/mail. If you pick this option you need to remove all references to /var/mail from dovecot.conf; with the two lines you had above Dovecot will simply carry on delivering into /var/mail just as Sendmail had been.
I would like to deliver new mail into the mdbox INBOX and forget about /var/mail but I did not see how to do this. I think that was the piece of information that I am missing.
LMTP – I could not see any difference with this added or not.
If you had configured Dovecot to deliver into /var/mail, that's hardly surprising. Otherwise, are you sure you were delivering mail to the LMTP server? If you were you should have seen entries in Dovecot's log file, and the delivered mail should have ended up with a Received header from the LMTP server.
I have used egrep and there is no line that has /var/mail that is uncommented in any of the config files.
Based on your comment, then no I do not believe the new mail was going through LMTP.
Dovecot-lda – I have had issues getting it configured.
What issues? If you were trying to get the LDA to deliver to /var/mail, it's possible you were running into permissions problems. The best solution is to deliver into the mdbox instead, or just leave Sendmail to deliver to /var/mail.
Sendmail changes FEATURE(
local_procmail',
/usr/libexec/dovecot/dovecot-lda',/usr/libexec/dovecot/dovecot-lda -d $u') MODIFY_MAILER_FLAGS(
LOCAL', `-f') MAILER(procmail)dnlI know nothing at all about Sendmail configuration, but going by the Dovecot wiki that looks correct. Are you sure mail for the appropriate users was actually getting routed through that mailer? What did you see in the logs (you need to check both Dovecot's and Sendmail's logs, wherever they may be).
Ben
Thanks for the information. The email is not being delivered by LTMP because there are no logs.
The most documentation that I have found is using dovecot-lda, but as you said there are permissions issues. The wiki implied that LTMP is the best solution but I am not understanding enough to get it set up.
Therefore, I am attempting to stick with dovecot-lda *using sudo* from the dovecot-lda wiki page. The wiki said to put /usr/bin/sudo in front of path/dovecot-lda but did not say which one or both. I could not get it to work.
The option that has gone the furthest is *Making dovecot-lda setuid-root*. However, I have errors. Here are the permissions.
-rwxr-xr-x. 1 root secmail 26512 Aug 18 2011 /usr/libexec/dovecot/dovecot-lda
srw-------. 1 mail root 0 Jan 1 08:39 /var/run/dovecot/auth-userdb
Errors..... ==> /var/log/maillog <== Jan 1 08:24:02 nala sendmail[20154]: r01EO2qc020154: from=<user@yahoo.com>, size=5723, class=0, nrcpts=1, msgid=<1357050226.83142.YahooMailNeo@web120205.mail.ne1.yahoo.com>, proto=ESMTP, daemon=MTA, relay=mail.example.com [192.168.1.152] Jan 01 08:24:02 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=0(root) egid=0(root) missing +r perm: /var/run/dovecot/auth-userdb, euid is dir owner) Jan 01 08:24:02 lda: Fatal: Internal error occurred. Refer to server log for more information. Jan 1 08:24:02 nala sendmail[20155]: r01EO2qc020154: to=user@example.com, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=35889, dsn=4.0.0, stat=Deferred: local mailer (/usr/libexec/dovecot/dovecot-lda) exited with EX_TEMPFAIL
==> /var/log/messages <== Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:42): avc: denied { dac_override } for pid=20156 comm="dovecot-lda" capability=1 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:43): avc: denied { dac_override } for pid=20156 comm="dovecot-lda" capability=1 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:44): avc: denied { dac_read_search } for pid=20156 comm="dovecot-lda" capability=2 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability
So, the error appears to be related to /var/run/dovecot/auth-userdb. I have made various permission and owner changes; however, restarting dovecot always returns it to the permissions above. So, even if I find a combination that works, dovecot is going to put it back.
Thanks for any help, Steve