[Dovecot] LDA ignored
Hi,
my final goal is to make use of Dovecot's sieve module - but unfortunately I'm not getting the LDA running as it is described in Dovecot's wiki pages ... ;/ More and more I'm getting the feeling that the LDA section in the configuration is completely ignored, cause whatever change I make in there is not being recognized at all - I could just type wildly around in there - restart Dovecot and it will work. But the dovecot.conf is being used by Dovecot - cause changes to other sections are affecting Dovecot's behaviour ... it's really just the LDA section. I configured and compiled Dovecot with LDA & Managesieve. Otherwise the Dovecot / Postfix setup is running quite well - mail is being scanned by amavis and Spamassassin and delivered as it was before I added / changed the configs for the sieve related options ... It's very weird.
I activated "mail_debug = yes" and the following shows up when I start Dovecot:
Starting dovecot.
ILoading modules from directory: /usr/local/lib/dovecot/imap
IModule loaded: /usr/local/lib/dovecot/imap/lib10_quota_plugin.so
IModule loaded: /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so
IEffective uid=65534, gid=65534, home=/tmp
Iquota: No quota setting - plugin disabled
IEffective uid=65534, gid=65534, home=/tmp
It doesn't say a thing about sieve / lda ... ;(
The proof that Dovecot is running:
Server # ps aux | grep dove
root 29355 0.0 0.1 5944 1768 ?? Ss 10:02PM 0:00.05 /usr/local/sbin/dovecot -c /usr/local/etc/dovecot.conf
nobody 29356 0.0 0.3 17372 3512 ?? S 10:02PM 0:00.03 dovecot-auth
dovecot 29359 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.04 managesieve-login
dovecot 29360 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.05 managesieve-login
dovecot 29361 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.03 managesieve-login
dovecot 29362 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.03 pop3-login
dovecot 29363 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.05 pop3-login
dovecot 29364 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.03 pop3-login
dovecot 29365 0.0 0.3 9812 3260 ?? I 10:02PM 0:00.03 imap-login
dovecot 29366 0.0 0.3 9812 3260 ?? I 10:02PM 0:00.03 imap-login
dovecot 29367 0.0 0.3 9812 3448 ?? S 10:02PM 0:00.03 imap-login: imap-login [192.168.1.233 TLS] (imap-login)
dovecot 29374 0.0 0.3 9812 3260 ?? I 10:03PM 0:00.02 imap-login
The last lines of Postfix master.cf:
dovecot unix - n n - - pipe
  flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
# AMaVIs interface
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
and finally some more out of the dovecot.conf:
[...]
protocols = imap imaps pop pop3s managesieve lda
[...]
mail_debug = yes
[...]
protocol lda {
  mail_plugins = sieve # ... other plugins like quota
  mail_plugin_dir = /usr/local/lib/dovecot/lda
  # If there is no user-specific Sieve-script, global Sieve script is
  # executed if set.
  sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
  postmaster_address = admin@server.netocean
  sendmail_path = /usr/local/sbin/sendmail
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
}
[...]
plugin {
##
# NOTE: %variable expansion works only with Dovecot v1.0.2+
##
sieve = /var/sieve-scripts/%u.sieve
# quota = maildir
# The location of the users active script:
sieve = ~/.dovecot.sieve
# If the user has no personal active script (i.e. if the file
# indicated in sieve= does not exist), use this one:
#sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
# The include extension fetches the :personal scripts from this
# directory. When ManageSieve is used, this is also where scripts
# are uploaded.
# sieve_dir = ~/sieve
# The include extension fetches the :global scripts from this
# directory. We have not enabled this extension.
# sieve_global_dir = /usr/local/etc/dovecot/sieve/global/
# Scripts executed before the user's script.
# E.g. handling messages marked as dangerous
# sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve
# Scripts executed after the user's script (if keep is still in effect)
# E.g. default mail filing rules.
# sieve_after = /var/lib/dovecot/sieve/after.d/
}
[...]
Any suggestions of what I'm doing wrong? Thx
Leander S. put forth on 7/8/2010 8:02 AM:
Any suggestions of what I'm doing wrong?
Missing this maybe?
Then set virtual_transport to dovecot in /etc/postfix/main.cf:
dovecot_destination_recipient_limit = 1
virtual_mailbox_domains = your.domain.here
virtual_transport = dovecot
-- Stan
On 08.07.2010 15:22, Stan Hoeppner wrote:
Leander S. put forth on 7/8/2010 8:02 AM:
Any suggestions of what I'm doing wrong?
Missing this maybe?
Then set virtual_transport to dovecot in /etc/postfix/main.cf:
dovecot_destination_recipient_limit = 1
virtual_mailbox_domains = your.domain.here
virtual_transport = dovecot

dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virtual domain - there are plenty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. leander.schaefer@googlemail.com articulated:
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virtual domain - there are plenty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
-- Jerry ✌ Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
I saw a subliminal advertising executive, but only for a second.
Steven Wright
Jerry wrote:
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. leander.schaefer@googlemail.com articulated:
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virtual domain - there are plenty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
^^ currently this is a testing system - it has two virtual domains running. They're stored in a PGSQL backend. What details will be interesting for you? Must I post the table structure with values?
Let me know if you need more
################# #################
server [~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_mail_to_commands = alias, forward
allow_mail_to_files = alias, forward
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 30m
broken_sasl_auth_clients = no
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 3
default_privs = nobody
default_process_limit = 100
default_recipient_limit = 200
disable_dns_lookups = no
header_size_limit = 102400
html_directory = /usr/local/share/doc/postfix
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mail_name = home-MTA
mail_owner = postfix
mail_version = 1.0
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
max_use = 10
maximal_queue_lifetime = 1h
message_size_limit = 20971520
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = home
myhostname = server.home
mynetworks = 127.0.0.0/8
mynetworks_style = subent
myorigin = $myhostname
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_delimiter = +
resolve_numeric_domain = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_host_lookup = dns, native
smtp_sasl_auth_enable = no
smtp_tls_note_starttls_offer = yes
smtpd_delay_reject = yes
smtpd_enforce_tls = no
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_starttls_timeout = 300s
smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem
smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
syslog_facility = mail
syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name}
tls_random_prng_update_period = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = pgsql:/usr/local/etc/postfix/transport_maps
unknown_local_recipient_reject_code = 550
virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps
virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps
virtual_mailbox_base = /usr/local/www/home
virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps
virtual_transport = dovecot
virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps
server [~]#
################# #################
server [~]# postfinger
postfinger - postfix configuration on Thu Jul 8 20:32:40 CEST 2010
version: 1.30

Warning: postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it is your responsibility to modify the output to hide this private information. [Remove this warning with the --nowarn option.]

--System Parameters--
mail_version = 2.6.5
hostname = server.home
uname = FreeBSD server.home 8.0-RELEASE FreeBSD 8.0-RELEASE #5: Tue Jun 22 20:48:20 CEST 2010 root@server.home:/usr/obj/usr/src/sys/home amd64

--Packaging information--
looks like this postfix comes from BSD package: postfix-2.6.5,1

--main.cf non-default parameters--
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 30m
content_filter = smtp-amavis:[127.0.0.1]:10024
debug_peer_level = 3
default_recipient_limit = 200
mail_name = home-MTA
mail_version = 1.0
mailbox_size_limit = 0
max_use = 10
maximal_queue_lifetime = 1h
message_size_limit = 20971520
mydomain = home
mynetworks = 127.0.0.0/8
mynetworks_style = subent
recipient_delimiter = +
smtp_host_lookup = dns, native
smtp_tls_note_starttls_offer = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem
smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_use_tls = yes
transport_maps = pgsql:/usr/local/etc/postfix/transport_maps
virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps
virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps
virtual_mailbox_base = /usr/local/www/home
virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps
virtual_transport = dovecot
virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps

--master.cf--
smtp inet n - n - - smtpd
smtps inet n - n - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_tls_wrappermode=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
  -o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
dovecot unix - n n - - pipe
  flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000

-- end of postfinger output --
server [~]#
################# #################
server [~]# cat /usr/local/etc/dovecot.conf
##
## Network
##
protocols = imap imaps pop3 pop3s managesieve
listen = *
shutdown_clients = yes

##
## Logging
##
#mail_debug = yes
#auth_verbose = yes
#auth_debug = yes
#auth_debug_passwords = yes
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail

##
## SSL settings
##
ssl = yes
ssl_cert_file = /etc/ssl/dovecot/cert.pem
ssl_key_file = /etc/ssl/dovecot/key.pem
#ssl_key_password = passphrase

##
## Login processes
##
verbose_proctitle = yes
login_user = dovecot
login_greeting = home MailSystem

##
## Mailbox locations and namespaces
##
# Not being used since we use PGSQL Virtual
mail_location = maildir:/var/mail/%d/%n
mail_privileged_group = mail

##
## Mail processes
##
dotlock_use_excl = yes
first_valid_uid = 2000
first_valid_gid = 2000

##
## Mailbox handling optimizations
##
mailbox_idle_check_interval = 30

##
## Maildir-specific settings
##
maildir_copy_with_hardlinks = yes

##
## IMAP specific settings
##
protocol imap {
  #listen = *:143
  #ssl_listen = *:993
  login_executable = /usr/local/libexec/dovecot/imap-login
  mail_executable = /usr/local/libexec/dovecot/imap
  mail_plugins = quota imap_quota
  mail_plugin_dir = /usr/local/lib/dovecot/imap
  #imap_max_line_length = 65536
  imap_client_workarounds = outlook-idle
}

##
## POP3 specific settings
##
protocol pop3 {
  #listen = *:110
  #ssl_listen = *:995
  login_executable = /usr/local/libexec/dovecot/pop3-login
  mail_executable = /usr/local/libexec/dovecot/pop3
  pop3_lock_session = no
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
  mail_plugin_dir = /usr/local/lib/dovecot/pop3
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

##
## ManageSieve specific settings
##
protocol managesieve {
  # Login executable location.
  #login_executable = /usr/local/libexec/dovecot/managesieve-login

  # ManageSieve executable location. See IMAPs mail_executable above for
  # examples how this could be changed.
  #mail_executable = /usr/local/libexec/dovecot/managesieve

  # Maximum ManageSieve command line length in bytes. This setting is
  # directly borrowed from IMAP. But, since long command lines are very
  # unlikely with ManageSieve, changing this will not be very useful.
  #managesieve_max_line_length = 65536

  # ManageSieve logout format string:
  # %i - total number of bytes read from client
  # %o - total number of bytes sent to client
  #managesieve_logout_format = bytes=%i/%o

  # If, for some inobvious reason, the sieve_storage remains unset, the
  # ManageSieve daemon uses the specification of the mail_location to find out
  # where to store the sieve files (see explaination in README.managesieve).
  # The example below, when uncommented, overrides any global mail_location
  # specification and stores all the scripts in ~/mail/sieve if sieve_storage
  # is unset. However, you should always use the sieve_storage setting.
  # mail_location = mbox:~/mail

  # To fool ManageSieve clients that are focused on timesieved you can
  # specify the IMPLEMENTATION capability that the dovecot reports to clients
  # (default: "dovecot").
  #managesieve_implementation_string = Cyrus timsieved v2.2.13
}

##
## LDA specific settings
##
protocol lda {
  postmaster_address = admin@server.home
  mail_plugins = sieve
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
}

##
## Authentication processes
##
auth_executable = /usr/local/libexec/dovecot/dovecot-auth
auth_cache_size = 0
auth_cache_ttl = 3600
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
disable_plaintext_auth = yes

auth default {
  mechanisms = cram-md5
  passdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  userdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  user = nobody
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

##
## Plugin settings
##
plugin {
  # The location of the users active script:
  sieve = ~/.dovecot.sieve

  # The include extension fetches the :personal scripts from this
  # directory. When ManageSieve is used, this is also where scripts
  # are uploaded.
  #sieve_dir = ~/sieve

  # If the user has no personal active script (i.e. if the file
  # indicated in sieve= does not exist), use this one:
  sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve

  # The include extension fetches the :global scripts from this
  # directory. We have not enabled this extension.
  #sieve_global_dir = /usr/local/etc/dovecot/sieve/global/

  # Scripts executed before the users script.
  # E.g. handling messages marked as dangerous
  #sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve

  # Scripts executed after the users script (if keep is still in effect)
  # E.g. default mail filing rules.
  #sieve_after = /var/lib/dovecot/sieve/after.d/

  ### Quota Section ###
  # quota = maildir
}

dict {
  #quota = pgsql:/usr/local/etc/dovecot-dict-sql.conf
}
server [~]#
On 07/08/2010 10:41 PM Leander S. wrote:
…
transport_maps = pgsql:/usr/local/etc/postfix/transport_maps
virtual_transport = dovecot
…
server [~]# postfinger
…
--master.cf--
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
…
server [~]# cat /usr/local/etc/dovecot.conf

Useless use of cat.
dovecot -n
output is sufficient.
One of your pgsql based transport_maps overrides your virtual_transport parameter. Either make sure your database returns 'dovecot' as transport or remove the transport_maps parameter, if you want to use 'dovecot' as transport for all virtual users.
Regards, Pascal
The trapper recommends today: beeffeed.1019014@localdomain.org
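Added example, not part of the thread: a simplified Python model of the lookup described in the reply above, showing how a `transport_maps` row wins over `virtual_transport`, so mail never reaches `deliver` and Sieve never runs. The table rows, the extra domains and all function names are constructed for illustration; only the full-address, domain and `*` keys of transport(5) are modelled, and every recipient is assumed to be in a virtual mailbox domain.

```python
# Which Postfix transport ends up handling a recipient?
# Constructed stand-in for what the pgsql transport_maps query would return.
# Values use the transport(5) form "transport:nexthop".
TRANSPORT_ROWS = {
    "server.netocean": "virtual:",      # the kind of row the thread found
    "root@server.netocean": "local:",   # constructed per-address override
    "lists.example.org": "dovecot:",    # constructed, already correct
}

# The two main.cf parameters from the posted postconf -n output.
MAIN_CF = {
    "transport_maps": "pgsql:/usr/local/etc/postfix/transport_maps",
    "virtual_transport": "dovecot",
}

# Constructed recipients to audit.
RECIPIENTS = [
    "admin@server.netocean",
    "root@server.netocean",
    "user@lists.example.org",
    "someone@other.example",
]


def lookup_keys(recipient):
    """Keys tried against the table, most specific first (simplified)."""
    local, _, domain = recipient.lower().rpartition("@")
    return [f"{local}@{domain}", domain, "*"]


def split_transport(value):
    """Split 'transport:nexthop'; either field may be empty."""
    transport, _, nexthop = value.partition(":")
    return transport.strip(), nexthop.strip()


def effective_transport(recipient, rows, main_cf):
    """Return (transport, where_it_came_from) for one recipient."""
    default = main_cf["virtual_transport"]
    if main_cf.get("transport_maps"):
        for key in lookup_keys(recipient):
            if key in rows:
                transport, _ = split_transport(rows[key])
                # An empty transport field means "leave the default alone".
                if transport:
                    return transport, f"transport_maps[{key}]"
                return default, "virtual_transport"
    return default, "virtual_transport"


def bypasses_lda(recipients, rows, main_cf, lda_transport="dovecot"):
    """List recipients whose mail would not be piped to deliver."""
    findings = []
    for rcpt in recipients:
        transport, source = effective_transport(rcpt, rows, main_cf)
        if transport != lda_transport:
            findings.append((rcpt, transport, source))
    return findings


if __name__ == "__main__":
    for rcpt, transport, source in bypasses_lda(RECIPIENTS, TRANSPORT_ROWS, MAIN_CF):
        print(f"{rcpt}: handled by '{transport}' via {source}, Sieve is skipped")
```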
Pascal Volk wrote:
On 07/08/2010 10:41 PM Leander S. wrote:
…
transport_maps = pgsql:/usr/local/etc/postfix/transport_maps
virtual_transport = dovecot
…
server [~]# postfinger
…
--master.cf--
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
…
server [~]# cat /usr/local/etc/dovecot.conf

Useless use of cat.
dovecot -n
output is sufficient.
One of your pgsql based transport_maps overrides your virtual_transport parameter. Either make sure your database returns 'dovecot' as transport or remove the transport_maps parameter, if you want to use 'dovecot' as transport for all virtual users.
Regards, Pascal

Ja MAN, that was it - the virtual: had to be replaced with dovecot: in the SQL DB. But now I'm not getting my mail delivered any more ;/ /var/maillog.log shows me the following:
server postfix/pipe[1603]: 5A0BE7B6A9: to=admin@server.netocean, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
What does deferred mean?
Thx for the help - much appreciated ;)
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=admin@server.netocean, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Timo Sirainen wrote:
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=admin@server.netocean, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Thanks. I figured out what I'm missing now - I just don't get where to merge this properly now. I would love to get a hint to get a reasonable config.
This is how my auth section currently looks like:
auth default {
  mechanisms = cram-md5
  passdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  userdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  # user = nobody
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
And apparently I need to add something like that now:
service auth {
  unix_listener auth-master {
    group =
    mode = 0600
    user =
  }
}
and apparently auth-master will be too much in that case since auth-userdb should do the job.
Thanks
Timo Sirainen wrote:
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=admin@server.netocean, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Ok, I've figured out the issue - but I'm now getting a permission error.
Jul 09 18:19:01 deliver(admin@server.home): Fatal: setgid(2000) failed with euid=65534(nobody), gid=143(dovecot), egid=143(dovecot): Operation not permitted
Can someone explain to me where Dovecot needs rights there? Or where Dovecot tries to write something?
Thx
On 07/09/2010 06:46 PM Leander S. wrote:
Jul 09 18:19:01 deliver(admin@server.home): Fatal: setgid(2000) failed with euid=65534(nobody), gid=143(dovecot), egid=143(dovecot): Operation not permitted
see http://wiki.dovecot.org/LDA#Multiple_UIDs
Regards, Pascal
The trapper recommends today: f007ba11.1019018@localdomain.org
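Added example, not part of the thread: a small Python triage pass over the two log lines quoted above, which picks out deferred deliveries through the `dovecot` pipe and reads the uid/gid fields of deliver's `setgid` failure to say why the group change was refused. The third log line, the regular expressions and the function names are constructed for illustration and are not Dovecot or Postfix code.

```python
import re

# Two lines as posted in the thread, plus one constructed successful delivery.
SAMPLE_LOG = [
    "server postfix/pipe[1603]: 5A0BE7B6A9: to=admin@server.netocean, "
    "relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, "
    "status=deferred (temporary failure)",
    "Jul 09 18:19:01 deliver(admin@server.home): Fatal: setgid(2000) failed "
    "with euid=65534(nobody), gid=143(dovecot), egid=143(dovecot): "
    "Operation not permitted",
    # constructed line, shown only to prove it is ignored
    "server postfix/pipe[1604]: 6B1CF8C7BA: to=admin@server.netocean, "
    "relay=dovecot, delay=0.2, delays=0.01/0/0/0.19, dsn=2.0.0, "
    "status=sent (delivered via dovecot service)",
]

PIPE_RE = re.compile(
    r"postfix/pipe\[\d+\]: (?P<qid>[0-9A-F]+): to=<?(?P<rcpt>[^,>]+)>?, "
    r"relay=(?P<relay>[^,]+), .*?dsn=(?P<dsn>[0-9.]+), "
    r"status=(?P<status>\w+) \((?P<reason>[^)]*)\)"
)
SETGID_RE = re.compile(
    r"deliver\((?P<user>[^)]+)\): Fatal: setgid\((?P<want>\d+)\) failed with "
    r"euid=(?P<euid>\d+)\((?P<euser>[^)]*)\), gid=(?P<gid>\d+)\([^)]*\), "
    r"egid=(?P<egid>\d+)\([^)]*\): (?P<err>.+)"
)


def explain_setgid(want, euid, gid, egid):
    """Classify a failed group change from the ids deliver logged."""
    if euid != 0 and want not in (gid, egid):
        # An unprivileged process may only keep the groups it already has.
        return "unprivileged process asked to switch to a different group"
    if euid == 0:
        return "process is root; failure is not a plain privilege problem"
    return "target group already held; look for another cause"


def triage(lines):
    """Return one finding per deferred pipe delivery or setgid failure."""
    findings = []
    for line in lines:
        m = PIPE_RE.search(line)
        if m:
            if m["status"] == "deferred" and m["dsn"].startswith("4."):
                findings.append({
                    "kind": "deferred",
                    "rcpt": m["rcpt"],
                    "relay": m["relay"],
                    "dsn": m["dsn"],
                    "hint": "pipe command failed temporarily; read its own log",
                })
            continue
        m = SETGID_RE.search(line)
        if m:
            want, euid, gid, egid = (int(m[k]) for k in ("want", "euid", "gid", "egid"))
            findings.append({
                "kind": "setgid",
                "user": m["user"],
                "want_gid": want,
                "running_as": f"{m['euser']}({euid})",
                "cause": explain_setgid(want, euid, gid, egid),
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```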
Hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
Thanks
hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
use the autocreate-plugin:
On 09.07.2010 at 19:50, Anton Dollmaier wrote:
hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
use the autocreate-plugin:
Sounds more like a job for ACLs IMHO.
Jerry schrieb:
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. leander.schaefer@googlemail.com articulated:
dovecot_destination_recipient_limit = 1 virtual_transport = dovecot ^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virutal domain - there is planty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
^^ currently this is a testing system - it has a two virtual domains running. They're stored in a PGSQL Backend. What details will be interesting for you? Must I post the table structure with values?
Let me know if you need more
################# #################
server [~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases allow_mail_to_commands = alias, forward allow_mail_to_files = alias, forward append_at_myorigin = yes append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m broken_sasl_auth_clients = no command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 3 default_privs = nobody default_process_limit = 100 default_recipient_limit = 200 disable_dns_lookups = no header_size_limit = 102400 html_directory = /usr/local/share/doc/postfix inet_interfaces = all inet_protocols = ipv4 local_recipient_maps = proxy:unix:passwd.byname $alias_maps mail_name = home-MTA mail_owner = postfix mail_version = 1.0 mailbox_size_limit = 0 mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydestination = $myhostname, localhost.$mydomain, localhost mydomain = home myhostname = server.home mynetworks = 127.0.0.0/8 mynetworks_style = subent myorigin = $myhostname newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = + resolve_numeric_domain = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_host_lookup = dns, native smtp_sasl_auth_enable = no smtp_tls_note_starttls_offer = yes smtpd_delay_reject = yes smtpd_enforce_tls = no smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_starttls_timeout = 300s smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file 
= /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes syslog_facility = mail syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name} tls_random_prng_update_period = 3600s tls_random_source = dev:/dev/urandom transport_maps = pgsql:/usr/local/etc/postfix/transport_maps unknown_local_recipient_reject_code = 550 virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps server [~]#
################# #################
server [~]# postfinger postfinger - postfix configuration on Thu Jul 8 20:32:40 CEST 2010 version: 1.30
Warning: postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it is your responsibility to modify the output to hide this private information. [Remove this warning with the --nowarn option.]
--System Parameters-- mail_version = 2.6.5 hostname = server.home uname = FreeBSD server.home 8.0-RELEASE FreeBSD 8.0-RELEASE #5: Tue Jun 22 20:48:20 CEST 2010 root@server.home:/usr/obj/usr/src/sys/home amd64
--Packaging information-- looks like this postfix comes from BSD package: postfix-2.6.5,1
--main.cf non-default parameters-- append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m content_filter = smtp-amavis:[127.0.0.1]:10024 debug_peer_level = 3 default_recipient_limit = 200 mail_name = home-MTA mail_version = 1.0 mailbox_size_limit = 0 max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydomain = home mynetworks = 127.0.0.0/8 mynetworks_style = subent recipient_delimiter = + smtp_host_lookup = dns, native smtp_tls_note_starttls_offer = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_use_tls = yes transport_maps = pgsql:/usr/local/etc/postfix/transport_maps virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps
--master.cf-- smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
-- end of postfinger output -- server [~]#
################# #################
server [~]# cat /usr/local/etc/dovecot.conf
##
## Network
##
protocols = imap imaps pop3 pop3s managesieve
listen = *
shutdown_clients = yes

##
## Logging
##
#mail_debug = yes
#auth_verbose = yes
#auth_debug = yes
#auth_debug_passwords = yes
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail

##
## SSL settings
##
ssl = yes
ssl_cert_file = /etc/ssl/dovecot/cert.pem
ssl_key_file = /etc/ssl/dovecot/key.pem
#ssl_key_password = passphrase

##
## Login processes
##
verbose_proctitle = yes
login_user = dovecot
login_greeting = home MailSystem

##
## Mailbox locations and namespaces
##
# Not being used since we use PGSQL Virtual
mail_location = maildir:/var/mail/%d/%n
mail_privileged_group = mail

##
## Mail processes
##
dotlock_use_excl = yes
first_valid_uid = 2000
first_valid_gid = 2000

##
## Mailbox handling optimizations
##
mailbox_idle_check_interval = 30

##
## Maildir-specific settings
##
maildir_copy_with_hardlinks = yes

##
## IMAP specific settings
##
protocol imap {
  #listen = *:143
  #ssl_listen = *:993
  login_executable = /usr/local/libexec/dovecot/imap-login
  mail_executable = /usr/local/libexec/dovecot/imap
  mail_plugins = quota imap_quota
  mail_plugin_dir = /usr/local/lib/dovecot/imap
  #imap_max_line_length = 65536
  imap_client_workarounds = outlook-idle
}

##
## POP3 specific settings
##
protocol pop3 {
  #listen = *:110
  #ssl_listen = *:995
  login_executable = /usr/local/libexec/dovecot/pop3-login
  mail_executable = /usr/local/libexec/dovecot/pop3
  pop3_lock_session = no
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
  mail_plugin_dir = /usr/local/lib/dovecot/pop3
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

##
## ManageSieve specific settings
##
protocol managesieve {
  # Login executable location.
  #login_executable = /usr/local/libexec/dovecot/managesieve-login

  # ManageSieve executable location. See IMAPs mail_executable above for
  # examples how this could be changed.
  #mail_executable = /usr/local/libexec/dovecot/managesieve

  # Maximum ManageSieve command line length in bytes. This setting is
  # directly borrowed from IMAP. But, since long command lines are very
  # unlikely with ManageSieve, changing this will not be very useful.
  #managesieve_max_line_length = 65536

  # ManageSieve logout format string:
  # %i - total number of bytes read from client
  # %o - total number of bytes sent to client
  #managesieve_logout_format = bytes=%i/%o

  # If, for some inobvious reason, the sieve_storage remains unset, the
  # ManageSieve daemon uses the specification of the mail_location to find out
  # where to store the sieve files (see explaination in README.managesieve).
  # The example below, when uncommented, overrides any global mail_location
  # specification and stores all the scripts in ~/mail/sieve if sieve_storage
  # is unset. However, you should always use the sieve_storage setting.
  # mail_location = mbox:~/mail

  # To fool ManageSieve clients that are focused on timesieved you can
  # specify the IMPLEMENTATION capability that the dovecot reports to clients
  # (default: "dovecot").
  #managesieve_implementation_string = Cyrus timsieved v2.2.13
}

##
## LDA specific settings
##
protocol lda {
  postmaster_address = admin@server.home
  mail_plugins = sieve
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
}

##
## Authentication processes
##
auth_executable = /usr/local/libexec/dovecot/dovecot-auth
auth_cache_size = 0
auth_cache_ttl = 3600
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
disable_plaintext_auth = yes

auth default {
  mechanisms = cram-md5
  passdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  userdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  user = nobody
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

##
## Plugin settings
##
plugin {
  # The location of the users active script:
  sieve = ~/.dovecot.sieve

  # The include extension fetches the :personal scripts from this
  # directory. When ManageSieve is used, this is also where scripts
  # are uploaded.
  #sieve_dir = ~/sieve

  # If the user has no personal active script (i.e. if the file
  # indicated in sieve= does not exist), use this one:
  sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve

  # The include extension fetches the :global scripts from this
  # directory. We have not enabled this extension.
  #sieve_global_dir = /usr/local/etc/dovecot/sieve/global/

  # Scripts executed before the users script.
  # E.g. handling messages marked as dangerous
  #sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve

  # Scripts executed after the users script (if keep is still in effect)
  # E.g. default mail filing rules.
  #sieve_after = /var/lib/dovecot/sieve/after.d/

  ### Quota Section ###
  # quota = maildir
}

dict {
  #quota = pgsql:/usr/local/etc/dovecot-dict-sql.conf
}
server [~]#
participants (7): Anton Dollmaier, Jerry, Leander S., Pascal Volk, Stan Hoeppner, Thomas Leuxner, Timo Sirainen