Hello all,
I am new to the mailing list and I'm in the process of setting up a LAMP + mail server. I have configured my MTA (Postfix) to deliver messages to:
/var/spool/mail/vhosts/domain.tld/name
I have configured Dovecot as follows:
--
# 1.2.2: /usr/local/etc/dovecot.conf
protocols: imap imaps pop3
ssl: no
disable_plaintext_auth: no
login_dir: /usr/local/var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
mail_privileged_group: mail
mail_location: mbox:/var/spool/mail/vhosts/%d:INBOX=/var/spool/mail/vhosts/%d/%n
mail_debug: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
lda:
  postmaster_address: postmaster@example.com
auth default:
  debug: yes
  passdb:
    driver: passwd-file
    args: /etc/passwd.dovecot
  userdb:
    driver: passwd
Password excepted, my passwd.dovecot file containing a single virtual user looks like:
richard:{plain}password:504:505::/home/vmail
The uid/gid is the same as used by Postfix (a dedicated vmail user/group). That user/group owns the mbox I am trying to manipulate in this example. When I attempt to log in via telnet on port 110 I get the error:
+OK Dovecot ready.
user richard@richardaharwood.com
+OK
pass password
-ERR Authentication failed.
It seems to dislike the fact I specify the domain as part of the login username. If I repeat and log in as: user richard - I am authenticated; however, I get the error:
-ERR [IN-USE] Couldn't open INBOX: Internal error occurred. Refer to server log for more information.
Tailing the maillog, I see the following:
Aug 8 17:19:01 richardaharwood dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 secured lip=83.170.110.193 rip=83.170.110.193 lport=110 rport=58115 resp=<hidden>
Aug 8 17:19:01 richardaharwood dovecot: auth(default): passwd-file(richard,83.170.110.193): lookup: user=richard file=/etc/passwd.dovecot
Aug 8 17:19:01 richardaharwood dovecot: auth(default): client out: OK 1 user=richard
Aug 8 17:19:01 richardaharwood dovecot: auth(default): master in: REQUEST 4 3603 1
Aug 8 17:19:01 richardaharwood dovecot: auth(default): passwd(richard,83.170.110.193): lookup
Aug 8 17:19:01 richardaharwood dovecot: auth(default): master out: USER 4 richard system_groups_user=richard uid=500 gid=500 home=/home/richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Effective uid=500, gid=500, home=/home/richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): mbox: data=/var/spool/mail/vhosts/:INBOX=/var/spool/mail/vhosts//richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): fs: root=/var/spool/mail/vhosts, index=, control=, inbox=/var/spool/mail/vhosts//richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): open(/var/spool/mail/vhosts//richard) failed: Permission denied (euid=500(richard) egid=500(richard) missing +x perm: /var/spool/mail/vhosts/)
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Couldn't open INBOX: Internal error occurred. Refer to server log for more information. [2009-08-08 17:19:01]
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0
Aug 8 17:19:01 richardaharwood dovecot: pop3-login: Login: user=<richard>, method=PLAIN, rip=83.170.110.193, lip=83.170.110.193, secured
Assuming I could log in with richard@richardaharwood.com, I should imagine Dovecot will successfully find the inbox, which is located at /var/spool/mail/vhosts/richardaharwood.com/richard in this example.
I also notice the effective uid/gid is not that specified in the passwd file? The uid/gid appears to be that of my own ssh account which is not connected to the mail account that I wish to simply access as a virtual user. Would anyone be kind enough to point me in the right direction?
In a nutshell, where am I going wrong with my authentication? This is a basic setup for the time being, until I get my head around it, but any pointers would be really appreciated. Have spent quite a few hours but I don't feel much closer to getting to the bottom of it! :)
Many thanks, Richard
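
Added example, not part of the original post: a small Python check that replays the values quoted above, comparing the passwd-file entry with the `master out` line from the log and expanding `mail_location` for a login name with and without a domain. The function names are hypothetical, and only plain `%u`, `%n` and `%d` are handled (no modifiers).

```python
import re

# Values copied from the post above (config, passwd-file entry, one log line).
MAIL_LOCATION = "mbox:/var/spool/mail/vhosts/%d:INBOX=/var/spool/mail/vhosts/%d/%n"
PASSWD_FILE_LINE = "richard:{plain}password:504:505::/home/vmail"
MASTER_OUT = ("dovecot: auth(default): master out: USER 4 richard "
              "system_groups_user=richard uid=500 gid=500 home=/home/richard")


def parse_passwd_file_line(line):
    """Split a passwd-file entry: user:password:uid:gid:gecos:home[:...]."""
    f = line.split(":")
    return {"user": f[0], "uid": int(f[2]), "gid": int(f[3]), "home": f[5]}


def expand(template, login):
    """Expand plain %u, %n, %d only (no modifiers); %d is empty without '@'."""
    name, _, domain = login.partition("@")
    values = {"u": login, "n": name, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)


def parse_master_out(line):
    """Collect the key=value fields the userdb passed to the mail process."""
    return dict(re.findall(r"(\w+)=(\S+)", line))


def diagnose(passwd_line, master_line, template, login):
    """Return human-readable mismatches between intent and what was logged."""
    want = parse_passwd_file_line(passwd_line)
    got = parse_master_out(master_line)
    findings = []
    for key in ("uid", "gid", "home"):
        if str(want[key]) != got.get(key):
            findings.append(f"{key}: passwd-file has {want[key]}, "
                            f"userdb returned {got.get(key)}")
    inbox = expand(template, login).split("INBOX=", 1)[1]
    if "//" in inbox:
        findings.append(f"empty %d in INBOX path: {inbox}")
    return findings


if __name__ == "__main__":
    for finding in diagnose(PASSWD_FILE_LINE, MASTER_OUT, MAIL_LOCATION, "richard"):
        print(finding)
```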