[Dovecot] Problem with dovecot delivery (version 2.0.7)
Hi!
I've been having an issue with dovecot since yesterday and can't figure it out.
All my users can send mail without any problem but all incomming mail are deffered. Here is the log from postfix complaining the mail has been deferred:
Nov 9 23:35:51 www postfix/pipe[50019]: A20EB145FC2C: to=, relay=dovecot, delay=819, delays=819/0.01/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
And here is the log from dovecot complaining it can't complete the operation /var/log/dovecot-deliver.log:
Nov 09 23:35:51 lda(EMAIL REMOVED FOR PRIVACY): Fatal: setresgid(6(mail),6(mail),6(mail)) failed with euid=143(dovecot): Operation not permitted
If anyone could help me, it would be much appreciated!
Thanks!
Maxime Longuepee put forth on 11/9/2010 11:01 PM:
I've been having an issue with dovecot since yesterday and can't figure it out.
It would be really helpful if you mentioned what you changed yesterday. If delivery functioned before yesterday, and now it doesn't, you obviously changed something that caused breakage.
All my users can send mail without any problem but all incomming mail are deffered. Here is the log from postfix complaining the mail has been deferred:
Nov 9 23:35:51 www postfix/pipe[50019]: A20EB145FC2C: to=, relay=dovecot, delay=819, delays=819/0.01/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
And here is the log from dovecot complaining it can't complete the operation /var/log/dovecot-deliver.log:
Nov 09 23:35:51 lda(EMAIL REMOVED FOR PRIVACY): Fatal: setresgid(6(mail),6(mail),6(mail)) failed with euid=143(dovecot): Operation not permitted
-- Stan
Stan Hoeppner a écrit :
Maxime Longuepee put forth on 11/9/2010 11:01 PM:
I've been having an issue with dovecot since yesterday and can't figure it out.
It would be really helpful if you mentioned what you changed yesterday. If delivery functioned before yesterday, and now it doesn't, you obviously changed something that caused breakage.
All my users can send mail without any problem but all incomming mail are deffered. Here is the log from postfix complaining the mail has been deferred:
Nov 9 23:35:51 www postfix/pipe[50019]: A20EB145FC2C: to=, relay=dovecot, delay=819, delays=819/0.01/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
And here is the log from dovecot complaining it can't complete the operation /var/log/dovecot-deliver.log:
Nov 09 23:35:51 lda(EMAIL REMOVED FOR PRIVACY): Fatal: setresgid(6(mail),6(mail),6(mail)) failed with euid=143(dovecot): Operation not permitted
I didn't change anything.
This is a brand new install i'm trying to get to work.
Stan Hoeppner a écrit :
Maxime Longuepee put forth on 11/9/2010 11:11 PM:
I didn't change anything.
This is a brand new install i'm trying to get to work.
Non-obfuscated output of the following commands would be helpful:
postconf -n dovecot -n
Here is the postconf -n:
address_verify_map = btree:/var/spool/postfix/address_verify
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/spool/postfix
debug_peer_level = 2
disable_vrfy_command = yes
html_directory = no
inet_interfaces = $myhostname, localhost
invalid_hostname_reject_code = 450
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
maps_rbl_reject_code = 450
mydestination = SERVERNAME.HIDDEN.FOR.PRIVACY,
localhost.SERVERNAME.HIDDEN.FOR.PRIVACY, localhost
myhostname = SERVERNAME.HIDDEN.FOR.PRIVACY
mynetworks = 127.0.0.1, SERVERNAME.HIDDEN.FOR.PRIVACY
mynetworks_style = host
myorigin = SERVERNAME.HIDDEN.FOR.PRIVACY
newaliases_path = /usr/local/bin/newaliases
non_fqdn_reject_code = 450
owner_request_special = no
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_tls_cert_file = /etc/ssl/server.crt
smtp_tls_key_file = /etc/ssl/server.key
smtp_tls_security_level = may
smtp_tls_session_cache_database =
btree:/var/spool/postfix/smtp_tls_session_cache
smtpd_data_restrictions = reject_unauth_pipelining,
reject_multi_recipient_bounce, permit
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks
permit_sasl_authenticated permit_tls_clientcerts
reject_unauth_destination reject_invalid_helo_hostname
reject_non_fqdn_sender reject_non_fqdn_recipient
reject_rbl_client cbl.abuseat.org reject_rbl_client
list.dsbl.org reject_rbl_client opm.blitzed.org
reject_rbl_client sbl.spamhaus.org reject_rbl_client
bl.spamcop.net reject_rbl_client dnsbl.sorbs.net=127.0.0.2
reject_rbl_client dnsbl.sorbs.net=127.0.0.3 reject_rbl_client
dnsbl.sorbs.net=127.0.0.4 reject_rbl_client
dnsbl.sorbs.net=127.0.0.5 reject_rbl_client
dnsbl.sorbs.net=127.0.0.7 reject_rbl_client
dnsbl.sorbs.net=127.0.0.9 reject_rbl_client
dnsbl.sorbs.net=127.0.0.11 reject_rbl_client
dnsbl.sorbs.net=127.0.0.12
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/ssl/server.crt
smtpd_tls_key_file = /etc/ssl/server.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:/var/spool/postfix/smtpd_tls_session_cache
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:6
virtual_mailbox_base = /usr/vmail
virtual_mailbox_domains =
mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 143
virtual_transport = dovecot
virtual_uid_maps = static:143
and here is the dovecot -n:
auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 143 info_log_path = /var/log/maillog last_valid_uid = 143 listen = * log_path = /var/log/maillog login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = maildir:/usr/vmail/%d/%u mail_privileged_group = mail passdb { args = /usr/local/etc/dovecot-sql.conf driver = sql } plugin { acl = vfile:/usr/local/etc/dovecot-acls quota = maildir:storage=10240:messages=1000 trash = /usr/local/etc/dovecot-trash.conf } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = mail mode = 0660 user = postfix } unix_listener auth-master { group = mail mode = 0660 user = dovecot } user = dovecot } service imap-login { process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot-auth } service pop3-login { process_limit = 128 process_min_avail = 3 service_count = 1 user = dovecot-auth } ssl_cert =
Maxime Longuepee put forth on 11/9/2010 11:24 PM:
Stan Hoeppner a écrit :
Maxime Longuepee put forth on 11/9/2010 11:11 PM:
I didn't change anything.
This is a brand new install i'm trying to get to work.
Non-obfuscated output of the following commands would be helpful:
postconf -n dovecot -n
I forgot to mention master.cf. Need that also, at least the dovecot entry.
-- Stan
Stan Hoeppner a écrit :
Maxime Longuepee put forth on 11/9/2010 11:24 PM:
Stan Hoeppner a écrit :
Maxime Longuepee put forth on 11/9/2010 11:11 PM:
I didn't change anything.
This is a brand new install i'm trying to get to work.
Non-obfuscated output of the following commands would be helpful:
postconf -n dovecot -n
I forgot to mention master.cf. Need that also, at least the dovecot entry.
Here is the dovecot entry from master.cf:
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -d ${recipient}
I really appreciate the fact that you are trying to help me, thanks and I hope you will able to solve that problem!
Maxime Longuepee put forth on 11/9/2010 11:42 PM:
Here is the dovecot entry from master.cf:
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -d ${recipient}
I really appreciate the fact that you are trying to help me, thanks and I hope you will able to solve that problem!
Well, virtual user setups aren't my specialty, so don't hold your breath. ;)
http://linux.die.net/man/2/setresgid
You elided your OS platform from your dovecot -n. What OS/version is this?
"The results of the setresgid() expression depends on the OS."
You may require Timo's assistance on this one.
-- Stan
Maxime Longuepee wrote on 11/10/2010:
Here is the dovecot entry from master.cf:
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -d ${recipient}
Maybe the problem is that you run deliver as user "dovecot". You should use another user/group for deliver. Also you should make sure that this user/group has correct permissions on /usr/vmail. (See also: http://wiki2.dovecot.org/UserIds)
-- Daniel
Maxime Longuepee wrote on 11/10/2010:
Here is the postconf -n:
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated permit_tls_clientcerts
reject_unauth_destination reject_invalid_helo_hostname
reject_non_fqdn_sender reject_non_fqdn_recipient
reject_rbl_client cbl.abuseat.org reject_rbl_client list.dsbl.org reject_rbl_client opm.blitzed.org
reject_rbl_client sbl.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client dnsbl.sorbs.net=127.0.0.2
reject_rbl_client dnsbl.sorbs.net=127.0.0.3 reject_rbl_client dnsbl.sorbs.net=127.0.0.4 reject_rbl_client dnsbl.sorbs.net=127.0.0.5 reject_rbl_client dnsbl.sorbs.net=127.0.0.7 reject_rbl_client dnsbl.sorbs.net=127.0.0.9 reject_rbl_client dnsbl.sorbs.net=127.0.0.11 reject_rbl_client dnsbl.sorbs.net=127.0.0.12
these DNSBL's are dead:
opm.blitzed.org list.dsbl.org
-- Daniel
On Wed, 2010-11-10 at 00:01 -0500, Maxime Longuepee wrote:
Nov 09 23:35:51 lda(EMAIL REMOVED FOR PRIVACY): Fatal: setresgid(6(mail),6(mail),6(mail)) failed with euid=143(dovecot): Operation not permitted
^^^^^^^^^^^^^^^^^^^^^^^^ Herein lies the answer, check the permissions and ownership
participants (4)
-
Daniel Luttermann
-
Maxime Longuepee
-
Noel Butler
-
Stan Hoeppner