On 2/3/19 2:09 PM, Hegedüs Ervin wrote:
Hi John,
On Sun, Feb 03, 2019 at 09:56:38AM +0100, John Fawcett wrote:
On 01/02/2019 13:39, Ervin Hegedüs wrote:
I'ld try to set up the managesieve (for RoundCube) - the sieve is works as well with dovecot (I mean my filters works perfectly).
When I would try to connect to managesieve, I got an error, and mail.err contains:
dovecot: managesieve(airween@mydomain.hu): Error: user airween@madomain.hu: Couldn't drop privileges: getgrnam(vmail) failed: Permission denied (in mail_privileged_group setting)
Also I got it when I try to connect to port 4190 at localhost (with telnet), and send the generated AUTH string (with sieve-auth-command.pl). it can often help if you give versions of the dovecot and pigeonhole as well as posting the config (dovecot -n) since people may be able to spot configuration errors. sorry, you're right, I forgot it :(
# 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 ext4 auth_mechanisms = plain login mail_location = maildir:/var/spool/postfix/virtual/%d/%n mail_privileged_group = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { args = /etc/dovecot/dovecot-sql.conf quota = maildir:User quota quota_rule = *:storage=500M quota_rule2 = Trash:storage=+50M quota_rule3 = spam:ignore sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl_cert =
It may be an obvious thing, but do you have a vmail group in /etc/group? sure,
# getent group | grep vmail daemon:x:1:vmail vmail:x:5000:vmail
thanks,
a.
Checking further, the managesieve-login process is chrooted by default. I wonder if it can then read /etc/group. Are you using mail_privileged_group because of the permissions on your mail storage directories would not otherwise allow them to be accessed? If not you could try to just set mail_privileged_group to blank and restart dovecot.
John