I'm trying to convert my dovecot-lda setup to use LMTP for better security. My setup is postfix + dovecot + mysql with virtual users. I'm setting up dovecot 2.2.1 w/postfix 2.10.0.
I'm still learning dovecot so I'm not totally sure where I'm going wrong. Can someone point out why I'm getting permission problems? I'm also concerned with server security, so if you notice anything that should be better, please point that out. I am the only user on this Linux box.
Thank you!
ls -l /opt/imapdata/j/jeff/INBOX
total 8
drwxr-xr-x 2 vmail vmail 4096 Apr 27 14:21 ./
drwxr-xr-x 3 vmail vmail 4096 Apr 27 14:21 ../

Dovecot is running with the following users:
root     20847 0.0 0.0  15572 1108 ? Ss 10:23 0:00 /opt/optdovecot/sbin/dovecot
dovenull 20848 0.0 0.0  46752 2724 ? S  10:23 0:00 dovecot/imap-login
dovenull 20849 0.0 0.0  46752 2720 ? S  10:23 0:00 dovecot/imap-login
vmail    20850 0.0 0.0  13408 1068 ? S  10:23 0:00 dovecot/anvil
root     20851 0.0 0.0  13540 1192 ? S  10:23 0:00 dovecot/log
root     20853 0.0 0.0  16504 2128 ? S  10:23 0:00 dovecot/config
vmail    20854 0.0 0.0 136448 2972 ? S  10:23 0:00 dovecot/auth

I'm getting the following when an email comes in:
Apr 29 10:11:57 fed8 postfix/virtual[20666]: D88F3DF3BD: to=<jeff@mydomain.com>, relay=virtual, delay=370, delays=370/0.03/0/0.07, dsn=4.2.0, status=deferred (delivery failed to mailbox ///opt/imapdata/j/jeff/INBOX/inbox: unable to create lock file ///opt/imapdata/j/jeff/INBOX/inbox.lock: Permission denied)

My postfix/master.cf entry:
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/opt/dovecot/libexec/dovecot/lmtp -f ${sender} -d ${recipient}

doveconf -n:
# 2.2.1: /opt/dovecot221/etc/dovecot/dovecot.conf
# OS: Linux 3.8.5-201.fc18.x86_64 x86_64 Fedora release 18 (Spherical Cow)
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
auth_verbose_passwords = plain
default_internal_user = vmail
first_valid_gid = 2000
first_valid_uid = 2000
listen = *
lock_method = flock
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
mail_debug = yes
mail_gid = vmail
mail_privileged_group = vmail
mail_uid = vmail
mbox_lock_timeout = 1 mins
mbox_write_locks = fcntl
passdb {
  args = /opt/dovecot/etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
}
postmaster_address = jeff@otherdomain.com
protocols = imap lmtp
sendmail_path = /usr/lib/sendmail
service auth {
  inet_listener {
    port = 12345
  }
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    mode = 0660
    user = vmail
  }
  user = $default_internal_user
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  process_min_avail = 2
  service_count = 1
  vsz_limit = 64 M
}
service lmtp {
  executable = lmtp -L
  inet_listener lmtp {
    address = 192.168.1.22 127.0.0.1
    port = 24
  }
  unix_listener lmtp {
    mode = 0666
  }
  user = vmail
}
ssl = required
ssl_cert = </opt/dovecot/etc/dovecot/conf.d/ssl/certs/dovecot.pem
ssl_cipher_list = ALL:!LOW:!MEDIUM:!SSLv1:!SSLv2:!MD5:!SSL1:!SSL2:!EXP-ADH-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-DES-CBC-SHA:!ADH-AES256-SHA:!ADH-AES128-SHA:!ADH-DES-CBC3-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!ADH-DES-CBC3-SHA:TLSv1
ssl_key = </opt/dovecot/etc/dovecot/conf.d/ssl/private/dovecot.pem
userdb {
  args = uid=vmail gid=vmail home=/opt/imapdata/%1n/%n
  driver = static
}
userdb {
  args = /opt/dovecot/etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
userdb {
  args = /opt/dovecot/etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
verbose_ssl = yes
protocol lmtp {
  info_log_path = /var/log/dovelmtp.log
  mail_plugins = " sieve"
}
protocol lda {
  info_log_path = /var/log/doveinfo.log
  log_path = /var/log/dovelda.log
}
protocol imap {
  imap_idle_notify_interval = 1 mins
  imap_max_line_length = 64 k
  mail_max_userip_connections = 5
}
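
Added example, not part of the original post: a Python parser for the Postfix delivery line quoted above that reports which delivery agent logged the failure and which directory the lock file was refused in. The function names and the expected_daemons default are assumptions of this example.

```python
import posixpath
import re

# Postfix delivery line: "postfix/<daemon>[pid]: <queue id>: k=v, k=v, ..., status=<word> (<reason>)"
LINE_RE = re.compile(
    r"postfix/(?P<daemon>[\w-]+)\[\d+\]:\s+(?P<qid>[0-9A-Za-z]+):\s+(?P<fields>.*?)"
    r"status=(?P<status>\w+)\s+\((?P<reason>.*)\)\s*$"
)
LOCK_RE = re.compile(r"unable to create lock file (\S+): Permission denied")

# Log line copied from the post above.
SAMPLE = (
    "Apr 29 10:11:57 fed8 postfix/virtual[20666]: D88F3DF3BD: to=<jeff@mydomain.com>, "
    "relay=virtual, delay=370, delays=370/0.03/0/0.07, dsn=4.2.0, status=deferred "
    "(delivery failed to mailbox ///opt/imapdata/j/jeff/INBOX/inbox: unable to create "
    "lock file ///opt/imapdata/j/jeff/INBOX/inbox.lock: Permission denied)"
)

def parse_delivery(line):
    """Split one Postfix delivery log line into a dict, or return None if it is not one."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = {"daemon": m["daemon"], "queue_id": m["qid"],
           "status": m["status"], "reason": m["reason"]}
    for pair in m["fields"].split(", "):
        key, sep, value = pair.strip().partition("=")
        if sep:  # skips the empty piece left after the last ", "
            rec[key] = value.strip("<>")
    return rec

# expected_daemons is an assumption of this example: postfix/pipe would log the
# master.cf pipe entry, postfix/lmtp a delivery handed over via LMTP.
def triage(line, expected_daemons=("pipe", "lmtp")):
    """Report which agent attempted delivery and where the lock file was refused."""
    rec = parse_delivery(line)
    if rec is None:
        return None
    lock = LOCK_RE.search(rec["reason"])
    return {
        "agent": rec["daemon"],
        "unexpected_agent": rec["daemon"] not in expected_daemons,
        "dsn": rec.get("dsn"),
        # Directory the delivering process must be able to write to for the lock file.
        "lock_dir": posixpath.dirname(posixpath.normpath(lock.group(1))) if lock else None,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On the quoted line the agent is postfix/virtual, so the result is the place to start: compare the owner and mode of lock_dir with the account that agent delivers as.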