Dont want to pull the SMTP handler module, its pretty huge.
I have managed to get it to work better now. I did setuid the dovecot-lda, and then added www-data to the dovecot group, so now dovecot-lda executes sucessfully. This also meant I could set back the authdb to 0666 and also remove the stats-writer and stats-reader and it still works sending from www-data now. Since guest doesn't have execute rights, it means that its secure now (according to the "Multiple UID" article on the wiki)
However, I have ran into another weird problem. If I run the script like this:
sudo -u www-data ./index.cgi
The mail appears in the inbox. But if I visit index.cgi from the browser via the web server, it doesn't work.
Here is index.cgi:
#!/usr/bin/perl
use MIME::Entity; use Email::Date::Format qw(email_date); use Encode;
$mime = MIME::Entity->build(Type => "text/plain; charset=utf-8", From => "Sebastian Nielsen sebastian@sebbe.eu", To => "Dovecot-LDA Form info@localhost", Subject => encode("MIME-Header", "Räksmörgås"), Date => email_date, Data => "Testar med lite text"); open (MAILPIPE, "|/usr/lib/dovecot/dovecot-lda -d info"); $mime->print(\*MAILPIPE); close(MAILPIPE);
print "Content-Type: text/plain\n\nSuccess";
So its the exact same script, works when run from www-data via sudo, then it works, but not when done from the web server. So whats the difference? Its the same user, so it should work right?
No errors in logs either.
-----Ursprungligt meddelande----- Från: John Stoffel via dovecot dovecot@dovecot.org Skickat: den 31 oktober 2024 19:03 Till: Sebastian Nielsen sebastian@sebbe.eu Kopia: dovecot@dovecot.org Ämne: Re: dovecot-lda from www-data - doesnt work
"Sebastian" == Sebastian Nielsen via dovecot dovecot@dovecot.org writes:
m trying to deliver email from a webform, but its not working.
Why are you not feeding the email to postfix on the host, and then have postfix do all the lookups for valid users, etc. Then postfix will deliver to dovecot.
I need to be able to deliver email from "www-data" to any user on the system (that is a valid dovecot-lda mail user).
Yeah, don't do it like this, go through a proper MTA instead which handles all this for you.
It seems a security setting blocks it. I have already set authdb to 0777 in dovecot settings (because otherwise it gives an error about lookup rights), and also enabled stats-writer and stats-reader with 0666.
No no no, don't do this, you're now opening yourself up to getting hacked.
so no more error messages in log, but the above commands that does NOT work, terminate immediately, while the working command waits for email from STDIN. No error messages in either log or on STDOUT/STDERR.
How is your webform being called? If it's just a PHP handler for a submitted form, just hand it off to port 25 on localhost to deliver the email locally.
This puts all the lookups into the same place that other email is handled by, including user lookups, anti-spam, etc.
John
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org