Re: [Dovecot] Dovecot 1.2.12 + Postfix + virtual domains: delivering to system users

31 Dec 2010 · _not_

      I've tested with 3 different configurations,  using 3 users:
ran - a Linux system user that's in the postfix "virtual.db"
vmail - a system user _not_ in virtual.db
testing.testing - a Windoze user with no Linux account
All 3 configurations have passdb ldap and userdb ldap.
First config has no userdb or passdb for the Linux users.  Second config adds
userdb passwd.  Both work the same:
Mail to vmail bounces
Mail to ran is delivered OK to /home/ran/maildir
Mail to testing.testing goes to /var/mailstore//testing.testing/Maildir
But testing.testing mail _should_ go
to /var/mailstore/<domain>/testing.testing/Maildir.  As mentioned in my
earlier email,  %d doesn't seem to work with LDAP queries.
The third config adds passdb shadow.
Mail to vmail bounces
Mail to ran is delivered OK to /home/ran/maildir
Mail to testing.testing tries to go to /home/testing.testing/Maildir. This
delivery attempt fails because the manufactured Linux uid and gid are
wrong.  But it's also the wrong directory.
In a nutshel:  it appears Dovecot can't deliver to sysem users at all (Postfix
is taking care of "ran"), and the mere presence of a "passdb shadow" causes
the DAP lookups to go awry.
Here's the dovecot -n and mail.log for configuration 1 (email addresses in all
logs have been obscured by replacing domain name):
# 1.2.12: dovecot.conf.9
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
postmaster_address: mail.server@lawleytechsupport.info
hostname: lawleytechsupport.info
auth default:
mechanisms: plain login
username_format: %Ln
verbose: yes
debug: yes
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
userdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
Dec 30 19:25:30 IBMUBUNTU1 dovecot: last message repeated 2 times
Dec 30 19:25:30 IBMUBUNTU1 dovecot: auth(default): Killed with signal 15 (by
pid=1 uid=0 code=kill)
Dec 30 19:25:30 IBMUBUNTU1 dovecot: dovecot: Killed with signal 15 (by pid=1
uid=0 code=kill)
Dec 30 19:25:30 IBMUBUNTU1 dovecot: Dovecot v1.2.12 starting up (core dumps
disabled)
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24878
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24877
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24879
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: connect from
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:26:57 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24884
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: NOQUEUE: reject: RCPT from
fed1rmmtao105.cox.net[68.230.241.41]: 550 5.1.1 <vmail@yyy.yyy>: Recipient
address rejected: User unknown in virtual mailbox table;
from=<embed-mobile@xxx.xxx> to=<vmail@yyy.yyy> proto=ESMTP
helo=<fed1rmmtao105.cox.net>
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: connect from
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: 3E63A101F19:
client=fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/cleanup[24889]: 3E63A101F19:
message-id=<201012301925.44033.embed-mobile@xxx.xxx>
Dec 30 19:27:11 IBMUBUNTU1 postfix/qmgr[19282]: 3E63A101F19:
from=<embed-mobile@xxx.xxx>, size=1361, nrcpt=1 (queue active)
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/local[24890]: 3E63A101F19:
to=<ran@localhost>, orig_to=<ran@yyy.yyy>, relay=local, delay=0.28,
delays=0.23/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 19:27:11 IBMUBUNTU1 postfix/qmgr[19282]: 3E63A101F19: removed
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: connect from
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: 1DA90101F19:
client=fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 postfix/cleanup[24889]: 1DA90101F19:
message-id=<201012301925.57821.embed-mobile@xxx.xxx>
Dec 30 19:27:25 IBMUBUNTU1 postfix/qmgr[19282]: 1DA90101F19:
from=<embed-mobile@xxx.xxx>, size=1409, nrcpt=1 (queue active)
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): master in:
USER#0111#011testing.testing@yyy.yyy#011service=deliver
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): user
search: base=dc=lawley, dc=local scope=subtree filter=(&(objectClass=user)
(samaccountname=testing.testing)) fields=
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing):
result: objectClass(?unknown?)= cn(?unknown?)= sn(?unknown?)=
givenName(?unknown?)= distinguishedName(?unknown?)= instanceType(?unknown?)=
whenCreated(?unknown?)= whenChanged(?unknown?)= displayName(?unknown?)=
uSNCreated(?unknown?)= uSNChanged(?unknown?)= name(?unknown?)=
objectGUID(?unknown?)= userAccountControl(?unknown?)=
primaryGroupID(?unknown?)= objectSid(?unknown?)= sAMAccountName(?unknown?)=
sAMAccountType(?unknown?)= userPrincipalName(?unknown?)=
objectCategory(?unknown?)=
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): master out:
USER#0111#011testing.testing#011home=/var/mailstore//testing.testing.
=uid=501#011gid=501#011mail=maildir:/var/mailstore//testing.testing/Maildir/
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 dovecot: deliver(testing.testing):
msgid=<201012301925.57821.embed-mobile@xxx.xxx>: saved mail to INBOX
Dec 30 19:27:25 IBMUBUNTU1 postfix/pipe[24891]: 1DA90101F19:
to=<testing.testing@yyy.yyy>, relay=dovecot, delay=0.36,
delays=0.23/0.01/0/0.12, dsn=2.0.0, status=sent (delivered via dovecot
service)
Dec 30 19:27:25 IBMUBUNTU1 postfix/qmgr[19282]: 1DA90101F19: removed

Here's the dovecot -n and mail.log for configuration 2:
# 1.2.12: dovecot.conf.11
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
postmaster_address: mail.server@lawleytechsupport.info
hostname: lawleytechsupport.info
auth default:
mechanisms: plain login
username_format: %Ln
verbose: yes
debug: yes
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
userdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
userdb:
driver: passwd
args: mail=maildir:~/Maildir
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: connect from
fed1rmmtao102.cox.net[68.230.241.44]
Dec 30 19:18:39 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24843
Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: NOQUEUE: reject: RCPT from
fed1rmmtao102.cox.net[68.230.241.44]: 550 5.1.1 <vmail@yyy.yyy>: Recipient
address rejected: User unknown in virtual mailbox table;
from=<embed-mobile@xxx.xxx> to=<vmail@yyy.yyy> proto=ESMTP
helo=<fed1rmmtao102.cox.net>
Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from
fed1rmmtao102.cox.net[68.230.241.44]
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: connect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: 636DD101F22:
client=fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/cleanup[24848]: 636DD101F22:
message-id=<201012301917.17808.embed-mobile@xxx.xxx>
Dec 30 19:18:54 IBMUBUNTU1 postfix/qmgr[19282]: 636DD101F22:
from=<embed-mobile@xxx.xxx>, size=1362, nrcpt=1 (queue active)
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/local[24849]: 636DD101F22:
to=<ran@localhost>, orig_to=<ran@yyy.yyy>, relay=local, delay=0.31,
delays=0.26/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 19:18:54 IBMUBUNTU1 postfix/qmgr[19282]: 636DD101F22: removed
Dec 30 19:19:02 IBMUBUNTU1 postfix/smtpd[24843]: connect from
fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 postfix/smtpd[24843]: 047FA101F22:
client=fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 postfix/cleanup[24848]: 047FA101F22:
message-id=<201012301917.31815.embed-mobile@xxx.xxx>
Dec 30 19:19:03 IBMUBUNTU1 postfix/qmgr[19282]: 047FA101F22:
from=<embed-mobile@xxx.xxx>, size=1408, nrcpt=1 (queue active)
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): master in:
USER#0111#011testing.testing@yyy.yyy#011service=deliver
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): user
search: base=dc=lawley, dc=local scope=subtree filter=(&(objectClass=user)
(samaccountname=testing.testing)) fields=
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing):
result: objectClass(?unknown?)= cn(?unknown?)= sn(?unknown?)=
givenName(?unknown?)= distinguishedName(?unknown?)= instanceType(?unknown?)=
whenCreated(?unknown?)= whenChanged(?unknown?)= displayName(?unknown?)=
uSNCreated(?unknown?)= uSNChanged(?unknown?)= name(?unknown?)=
objectGUID(?unknown?)= userAccountControl(?unknown?)=
primaryGroupID(?unknown?)= objectSid(?unknown?)= sAMAccountName(?unknown?)=
sAMAccountType(?unknown?)= userPrincipalName(?unknown?)=
objectCategory(?unknown?)=
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): master out:
USER#0111#011testing.testing#011home=/var/mailstore//testing.testing.
=uid=501#011gid=501#011mail=maildir:/var/mailstore//testing.testing/Maildir/
Dec 30 19:19:03 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from
fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 dovecot: deliver(testing.testing):
msgid=<201012301917.31815.embed-mobile@xxx.xxx>: saved mail to INBOX
Dec 30 19:19:03 IBMUBUNTU1 postfix/pipe[24850]: 047FA101F22:
to=<testing.testing@yyy.yyy>, relay=dovecot, delay=0.56,
delays=0.46/0.01/0/0.1, dsn=2.0.0, status=sent (delivered via dovecot
service)
Dec 30 19:19:03 IBMUBUNTU1 postfix/qmgr[19282]: 047FA101F22: removed

Here's the dovecot -n and mail.log for configuration 3:
# 1.2.12: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
postmaster_address: mail.server@lawleytechsupport.info
hostname: lawleytechsupport.info
auth default:
mechanisms: plain login
username_format: %Ln
verbose: yes
debug: yes
passdb:
driver: shadow
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
userdb:
driver: passwd
args: mail=maildir:/home/%n/Maildir
userdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
Dec 30 08:02:20 IBMUBUNTU1 postfix/cleanup[23693]: 502151009C7:
message-id=<20101230150220.502151009C7@mail.lawleytechsupport.info>
Dec 30 08:02:20 IBMUBUNTU1 postfix/qmgr[19282]: 502151009C7:
from=<root@yyy.yyy>, size=409, nrcpt=1 (queue active)
Dec 30 08:02:20 IBMUBUNTU1 postfix/local[23695]: 502151009C7:
to=<root@localhost>, orig_to=<root>, relay=local, delay=0.19,
delays=0.14/0.02/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 08:02:20 IBMUBUNTU1 postfix/qmgr[19282]: 502151009C7: removed
Dec 30 17:34:41 IBMUBUNTU1 postfix/smtpd[24338]: connect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:34:41 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24338
Dec 30 17:34:41 IBMUBUNTU1 postfix/smtpd[24338]: NOQUEUE: reject: RCPT from
fed1rmmtao107.cox.net[68.230.241.39]: 550 5.1.1 <vmail@yyy.yyy>: Recipient
address rejected: User unknown in virtual mailbox table;
from=<embed-mobile@xxx.xxx> to=<vmail@yyy.yyy> proto=ESMTP
helo=<fed1rmmtao107.cox.net>
Dec 30 17:34:42 IBMUBUNTU1 postfix/smtpd[24338]: disconnect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: connect from
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:37:34 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24346
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: 60C91101F15:
client=fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:37:34 IBMUBUNTU1 postfix/cleanup[24350]: 60C91101F15:
message-id=<201012301736.07378.embed-mobile@xxx.xxx>
Dec 30 17:37:34 IBMUBUNTU1 postfix/qmgr[19282]: 60C91101F15:
from=<embed-mobile@xxx.xxx>, size=1378, nrcpt=1 (queue active)
Dec 30 17:37:34 IBMUBUNTU1 postfix/local[24351]: 60C91101F15:
to=<ran@localhost>, orig_to=<ran@yyy.yyy>, relay=local, delay=0.3,
delays=0.24/0.01/0/0.05, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 17:37:34 IBMUBUNTU1 postfix/qmgr[19282]: 60C91101F15: removed
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: disconnect from
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max connection
rate 1/60s for (smtp:68.230.241.39) at Dec 30 17:34:41
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max connection
count 1 for (smtp:68.230.241.39) at Dec 30 17:34:41
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max cache size 1
at Dec 30 17:34:41
Dec 30 17:55:05 IBMUBUNTU1 postfix/smtpd[24508]: connect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:05 IBMUBUNTU1 dovecot: auth(default): new auth connection:
pid=24508
Dec 30 17:55:06 IBMUBUNTU1 postfix/smtpd[24508]: 230F2101F19:
client=fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:06 IBMUBUNTU1 postfix/cleanup[24513]: 230F2101F19:
message-id=<201012301753.38728.embed-mobile@xxx.xxx>
Dec 30 17:55:06 IBMUBUNTU1 postfix/qmgr[19282]: 230F2101F19:
from=<embed-mobile@xxx.xxx>, size=1425, nrcpt=1 (queue active)
Dec 30 17:55:06 IBMUBUNTU1 dovecot: auth(default): master in:
USER#0111#011testing.testing@yyy.yyy#011service=deliver
Dec 30 17:55:06 IBMUBUNTU1 dovecot: auth(default): passwd(testing.testing):
lookup
Dec 30 17:55:06 IBMUBUNTU1 postfix/smtpd[24508]: disconnect from
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:16 IBMUBUNTU1 dovecot: auth(default): master out:
USER#0111#011testing.testing#011mail=maildir:/home/testing.testing/Maildir#011system_groups_user=testing.testing#011uid=10001#011gid=10013#011home=/home/LAWLEY/testing.testing
Dec 30 17:55:16 IBMUBUNTU1 dovecot: deliver(testing.testing@yyy.yyy): Fatal:
setgid(10013(domain users)) failed with euid=501(vmail), gid=501(vmail),
egid=501(vmail): Operation not permitted (This binary should probably be
called with process group set to 10013(domain users) instead of 501(vmail))
Dec 30 17:55:16 IBMUBUNTU1 postfix/pipe[24514]: 230F2101F19:
to=<testing.testing@yyy.yyy>, relay=dovecot, delay=11, delays=0.34/0.01/0/10,
dsn=4.3.0, status=deferred (temporary failure)

Re: [Dovecot] Dovecot 1.2.12 + Postfix + virtual domains: delivering to system users

Ran Talbott