Re: LDA ignores virtual mailbox settings

27 Dec 2020


      ...
On 27/12/2020 21:54 Toni Mueller support@oeko.net wrote:
Hi Aki,
On Sun, Dec 27, 2020 at 09:18:25PM +0200, Aki Tuomi wrote:
...
...
On 27/12/2020 18:19 Toni Mueller support@oeko.net wrote:
16:04:16 postfix/qmgr[4970]: 8CD6CE072E: from=user@example.com, size=880, nrcpt=1 (queue active)
16:04:16 dovecot: auth: Debug: master in: USER#0111#011user@example.com#011service=lda
16:04:16 dovecot: auth: Debug: prefetch(user@example.com): passdb didn't return userdb entries, trying the next userdb
16:04:16 dovecot: auth: Debug: sql(user@example.com): SELECT '/path-to-mailboxen/' || virtual_users.home AS home, uid , gid , quota as quota_rule FROM virtual_users WHERE email = 'user@example.com' AND status = 'A'
16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user@example.com#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345#011quota_rule=*:storage=0
^^^^^^^^^^^^^^^^^^^^^^
This shows that the database lookup works. The intended effect should be
that the message is delivered to
/path-to-mailboxen/example.com/user/Maidir/new
16:04:16 dovecot: lda(user@example.com)<5291>: Error: setegid(privileged) failed: Operation not permitted
16:04:16 dovecot: lda(user@example.com)<5291>: Error: Mailbox INBOX: open(/var/mail/user@example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
^^^^^^^^^^^^^^^^^^^^^^
And this shows that dovecot-lda just ignores the result.
16:04:16 dovecot: lda(user@example.com)<5291>: Error: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user@example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
16:04:16 dovecot: lda(user@example.com)<5291>: msgid=20201226224933.014608@laptop.example.com: save failed to open mailbox INBOX: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user@example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
16:04:16 postfix/pipe[5284]: 8CD6CE072E: to=user@example.com, orig_to=userA@example2.com, relay=dovecot, delay=62083, delays=62083/0.04/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
In /etc/postfix/master.cf, I have this to call it:
dovecot   unix  -       n       n       -       -       pipe
flags=DRhu user=_mailbox argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -a ${recipient}
Try adding
mail_privileged_group = mail
I am not sure why you recommend this. I never ever want to deliver to
/var/mail, and my mailbox directory has group 'mailbox' - hence I have
mail_privileged_group = mailbox
in my configuration.
My question is why this thing wants to deliver to /var/mail, despite
having a different location from the userdb, and how I can force it to
use the location from the userdb.
Thanks,
Toni
Sorry, I misread your problem..
can you try checking output of
doveadm user <username>
and
doveadm auth lookup <username>
Also, including doveconf -n would be useful.
Aki