[Dovecot] Error - Dovecot Permission denied
CentOS 5.2 Postfix 2.3.3 (Came Packed with CentOS) Dovecot 1.1.1 Dovecot-Sieve 1.1.5
Did a complete new fresh install. When I send a message to: test@wildpeacockstudios.com, I get two error messages as listed in the /var/log/maillog:
(1) (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting)
(2) status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
Attached are copies of (a) Postfix, (b) Dovecot, (c) Dovecot-Sieve in '/home/test/' and (d) /var/log/maillog
[root@www ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all mail_owner = postfix mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = wildpeacockstudios.com myhostname = mail.wildpeacockstudios.com mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relay_domains = relayhost = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot unknown_local_recipient_reject_code = 550 [root@www ~]# [root@www ~]#
[root@www ~]# dovecot -n # 1.1.2: /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_location: maildir:~/Maildir mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: plain login passdb: driver: pam userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix [root@www ~]#
/home/test/.dovecot-sieve
require ["fileinto", "vacation"]; # Move spam to spam folder if exists "X-Spam-Flag" { fileinto "spam"; # Stop here so that we do not reply on spams stop; } vacation # Reply at most once a day to a same sender :days 1 :subject "Out of office reply" # List of recipient addresses which are included in the auto replying. # If a mail's recipient is not on this list, no vacation reply is sent for it. :addresses ["test@wildpeacockstudios.com"] "I'm out of office, please contact Joan Doe instead. Best regards John Doe";
/var/log/maillog
Jul 26 09:39:28 www dovecot: Dovecot v1.1.2 starting up Jul 26 09:39:29 www postfix/postfix-script: starting the Postfix mail system Jul 26 09:39:29 www postfix/master[4963]: daemon started -- version 2.3.3, configuration /etc/postfix Jul 26 09:39:29 www postfix/qmgr[4969]: 6EBA241C0007: from=test@wildpeacockstudios.com, size=722, nrcpt=1 (queue active)
Jul 26 09:39:31 www postfix/smtp[4996]: 6EBA241C0007: to=kbajwa@tibonline.net, relay=mail.tibonline.net[12.179.81.11]:25, delay=1011, delays=1009/0.15/2.3/0, dsn=4.4.2, status=deferred (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting)
Jul 26 09:41:07 www dovecot: pop3-login: Login: user=<test>, method=PLAIN, rip=192.168.0.64, lip=65.103.190.107 Jul 26 09:41:08 www dovecot: POP3(test): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Jul 26 09:41:17 www postfix/smtpd[5583]: connect from unknown[192.168.0.64] Jul 26 09:41:17 www postfix/smtpd[5583]: D7F3F41C001C: client=unknown[192.168.0.64], sasl_method=PLAIN, sasl_username=kirtib Jul 26 09:41:17 www postfix/cleanup[5587]: D7F3F41C001C: message-id=488B459C.90600@wildpeacockstudios.com Jul 26 09:41:17 www postfix/qmgr[4969]: D7F3F41C001C: from=test@wildpeacockstudios.com, size=720, nrcpt=1 (queue active) Jul 26 09:41:17 www postfix/smtpd[5583]: disconnect from unknown[192.168.0.64] Jul 26 09:41:18 www postfix/smtp[5588]: D7F3F41C001C: to=kbajwa@tibonline.net, relay=mail.tibonline.net[12.179.81.11]:25, delay=0.43, delays=0.06/0.01/0.37/0, dsn=4.4.2, status=deferred (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting) Jul 26 09:42:05 www postfix/smtpd[5583]: connect from mail.spaceportusa.net[12.179.81.11] Jul 26 09:42:05 www postfix/smtpd[5583]: 8675D41C0028: client=mail.spaceportusa.net[12.179.81.11] Jul 26 09:42:06 www postfix/cleanup[5587]: 8675D41C0028: message-id=87B5712FBA1548208A9A393D2D28A036@Sunshine Jul 26 09:42:06 www postfix/qmgr[4969]: 8675D41C0028: from=kbajwa@tibonline.net, size=880, nrcpt=1 (queue active) Jul 26 09:42:06 www postfix/smtpd[5583]: disconnect from mail.spaceportusa.net[12.179.81.11]
Jul 26 09:42:06 www postfix/local[5596]: 8675D41C0028: to=test@wildpeacockstudios.com, relay=local, delay=1, delays=0.72/0.26/0/0.07, dsn=5.3.5, status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
Jul 26 09:42:06 www postfix/cleanup[5587]: 6C2DA41C002A: message-id=20080726154206.6C2DA41C002A@mail.wildpeacockstudios.com Jul 26 09:42:06 www postfix/qmgr[4969]: 6C2DA41C002A: from=<>, size=2882, nrcpt=1 (queue active) Jul 26 09:42:06 www postfix/bounce[5598]: 8675D41C0028: sender non-delivery notification: 6C2DA41C002A Jul 26 09:42:06 www postfix/qmgr[4969]: 8675D41C0028: removed Jul 26 09:42:06 www postfix/smtp[5588]: 6C2DA41C002A: to=kbajwa@tibonline.net, relay=mail.tibonline.net[12.179.81.11]:25, delay=0.37, delays=0/0/0.37/0, dsn=4.4.2, status=deferred (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting)
Help in fixing these errors is highly appreciated.
FYI: New to Postfix & Dovecot. Thanks.
Kirti
kbajwa wrote:
CentOS 5.2 Postfix 2.3.3 (Came Packed with CentOS) Dovecot 1.1.1 Dovecot-Sieve 1.1.5
Did a complete new fresh install. When I send a message to: test@wildpeacockstudios.com, I get two error messages as listed in the /var/log/maillog:
(1) (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting)
your postfix cannot connect to mail.tiboline.net. check if anything is breaking the connection (firewall, pix, ..., etc).
(2) status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
# ls -l / | grep /etc # ls -l /etc/dovecot.conf
and if you have selinux, apparmor or such beasts, make sure they are not preventing deliver from accessing /etc and/or to /etc/dovecot.conf.
Hello:
Since I posted this original messages, I have installed, re-installed Postfix-2.3.3, Dovecot-1.1.1 & Dovecot-Sieve-1.1.5 over and over & still got the "Permission Denied" error (see "/var/log/maillog" logs below).
Here what I found! If I add the following in "/etc/postfix/main.cf";
Mailbox_command = /usr/libexec/dovecot/deliver
Then the "Permission Denied" error appears and all mail is bounced back with error message.
If I remove this line, all emails are delivered fine. No error.
This problem started when I switched dovecot from Ver# 1.0.7 to 1.1.1
So my question is:
(1) has something changed in Dovecot V# 1.1.1 to cause this error? (2) what if I leave this line out? Would it cause problem with either Dovecot or Dovecot-Sieve? (3) Any other solution.
FYI, I have already included Postfix, Dovecot & Dovecot-Sieve configuration in my previous post.
HELP. I have spent 20 days on this problem.
Kirti
Jul 27 09:12:48 www dovecot: Dovecot v1.1.2 starting up Jul 27 09:12:49 www postfix/postfix-script: starting the Postfix mail system Jul 27 09:12:49 www postfix/master[4948]: daemon started -- version 2.3.3, configuration /etc/postfix
Jul 27 09:16:23 www postfix/smtpd[5613]: warning: 12.179.81.11: hostname mail.greaterlink.net verification failed: Name or service not known Jul 27 09:16:23 www postfix/smtpd[5613]: connect from unknown[12.179.81.11] Jul 27 09:16:23 www postfix/smtpd[5613]: E31DA41C0028: client=unknown[12.179.81.11] Jul 27 09:16:24 www postfix/cleanup[5617]: E31DA41C0028: message-id=614A512260124AD1BF7288DB1ED46CE2@Sunshine Jul 27 09:16:24 www postfix/qmgr[4967]: E31DA41C0028: from=kbajwa@tibonline.net, size=860, nrcpt=1 (queue active) Jul 27 09:16:24 www postfix/smtpd[5613]: disconnect from unknown[12.179.81.11]
Jul 27 09:16:24 www postfix/local[5623]: E31DA41C0028: to=test@wildpeacockstudios.com, relay=local, delay=0.99, delays=0.74/0.03/0/0.22, dsn=5.3.5, status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
Jul 27 09:16:24 www postfix/cleanup[5617]: B73C441C002A: message-id=20080727151624.B73C441C002A@mail.wildpeacockstudios.com Jul 27 09:16:24 www postfix/qmgr[4967]: B73C441C002A: from=<>, size=2862, nrcpt=1 (queue active) Jul 27 09:16:24 www postfix/bounce[5626]: E31DA41C0028: sender non-delivery notification: B73C441C002A Jul 27 09:16:24 www postfix/qmgr[4967]: E31DA41C0028: removed Jul 27 09:16:26 www postfix/smtp[5627]: B73C441C002A: to=kbajwa@tibonline.net, relay=mail.tibonline.net[12.179.81.11]:25, delay=1.4, delays=0.01/0.03/0.61/0.72, dsn=2.0.0, status=sent (250 OK) Jul 27 09:16:26 www postfix/qmgr[4967]: B73C441C002A: removed
kbajwa kbajwa@tibonline.net wrote:
Since I posted this original messages, I have installed, re-installed Postfix-2.3.3, Dovecot-1.1.1 & Dovecot-Sieve-1.1.5 over and over & still got the "Permission Denied" error (see "/var/log/maillog" logs below).
Here what I found! If I add the following in "/etc/postfix/main.cf";
Mailbox_command = /usr/libexec/dovecot/deliver
Then the "Permission Denied" error appears and all mail is bounced back with error message.
If I remove this line, all emails are delivered fine. No error.
[...]
(2) what if I leave this line out? Would it cause problem with either Dovecot or Dovecot-Sieve?
Unlikely; not setting mailbox_command just means Postfix will use local(8) for mail delivery.
[...]
Jul 27 09:16:24 www postfix/local[5623]: E31DA41C0028: to=test@wildpeacockstudios.com, relay=local, delay=0.99, delays=0.74/0.03/0/0.22, dsn=5.3.5, status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
What are the permissions on /etc/dovecot.conf? The mailbox_command is run with the UID and the primary group GID of the recipient, so if the conf file is unreadable by that user/group, you see the error above.
[...]
-- Sahil Tandon sahil@tandon.net
kbajwa wrote:
Hello:
Since I posted this original messages, I have installed, re-installed Postfix-2.3.3, Dovecot-1.1.1 & Dovecot-Sieve-1.1.5 over and over & still got the "Permission Denied" error (see "/var/log/maillog" logs below).
Here what I found! If I add the following in "/etc/postfix/main.cf";
Mailbox_command = /usr/libexec/dovecot/deliver
Then the "Permission Denied" error appears and all mail is bounced back with error message.
If I remove this line, all emails are delivered fine. No error.
This problem started when I switched dovecot from Ver# 1.0.7 to 1.1.1
So my question is:
(1) has something changed in Dovecot V# 1.1.1 to cause this error? (2) what if I leave this line out? Would it cause problem with either Dovecot or Dovecot-Sieve?
if you remove it, mail will be directly delivered by postfix. so no dovecot-sieve for example.
(3) Any other solution.
FYI, I have already included Postfix, Dovecot & Dovecot-Sieve configuration in my previous post.
FYI, I have asked for the output of two commands:
# ls -l / | grep /etc # ls -l /etc/dovecot.conf
in my previous post :)
HELP. I have spent 20 days on this problem.
if you ignore our posts, you may as well spend another 20 days ;-p
Mouss:
Here is the information you asked for:
[root@www ~]# ls -1 / | grep /etc [root@www ~]# ls -l /etc/dovecot.conf -rw-r----- 1 dovecot mail 46723 Jul 26 20:09 /etc/dovecot.conf [root@www ~]#
I hope you have an answer.
Kirti
-----Original Message----- From: dovecot-bounces+kbajwa=tibonline.net@dovecot.org [mailto:dovecot-bounces+kbajwa=tibonline.net@dovecot.org] On Behalf Of mouss Sent: Sunday, July 27, 2008 10:45 AM Cc: dovecot@dovecot.org Subject: Re: [Dovecot] Error - Dovecot Permission denied
FYI, I have asked for the output of two commands:
# ls -l / | grep /etc # ls -l /etc/dovecot.conf
in my previous post :)
kbajwa wrote:
Mouss:
Here is the information you asked for:
[root@www ~]# ls -1 / | grep /etc
no, it's a '-l' (letter l => L), not '-1' (number 1). I hate these fonts!
[root@www ~]# ls -l /etc/dovecot.conf -rw-r----- 1 dovecot mail 46723 Jul 26 20:09 /etc/dovecot.conf
so the delivery agent can't read the file since it is executed as the user who gets mail. thus "permission denied".
On Sat, 2008-07-26 at 10:06 -0600, kbajwa wrote:
(2) status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
So you're using multiple UIDs for users? Possible solutions:
a) Make dovecot.conf world-readable (Is there really something secret in it? ssl_key_password is the only one I can think of.)
b) Use virtual users with a single UID and make dovecot.conf owned by that UID.
c) Make deliver setgid-mail and change dovecot.conf group to mail.
On 7/26/2008, kbajwa (kbajwa@tibonline.net) wrote:
(1) (lost connection with mail.tibonline.net[12.179.81.11] while receiving the initial server greeting)
(2) status=bounced (local configuration error. Command output: Fatal: open(/etc/dovecot.conf) failed: Permission denied )
Please don't edit log entries like that... a lot of times the entries immeditately before or after what *you* think are relevant actually are *more* relevant...
--
Best regards,
Charles
participants (5)
-
Charles Marcus
-
kbajwa
-
mouss
-
Sahil Tandon
-
Timo Sirainen