[Dovecot] Accessing mail files not owned by imap login user
Hi,
I have managed to set up a 'maildir' based mail system using fetchmail and procmail that delivers sorted mail to folders /var/spool/mail/user1, ../user2 etc. 'user1', 'user2' etc. are real users but the mail system is run under logged in user 'mailserver'. The mail folders are owned by 'user1', 'user2' etc. but mail files, when delivered, are owned by 'mailserver'. I've been unable to find a way to change this behaviour :-(
Dovecot is configured by adding the single line 'mail_location = maildir:/var/spool/mail/%u' to 'dovecot.conf', everything else is as installed. When I make an imap connection as 'user1' the logon is successful, the mail files are moved from ../new/ to ../cur/ but are invisible to the imap client. If I 'chown' the mail files to 'user1' they instantly become visible to the imap client.
I gather from googling info on dovecot I can configure dovecot to allow 'user1', when logged in, to access the mail files owned by 'mailserver'. Is this simple to do, and if so how do I do it please?
Thanks PaulM
-- View this message in context: http://dovecot.2317879.n4.nabble.com/Accessing-mail-files-not-owned-by-imap-... Sent from the Dovecot mailing list archive at Nabble.com.
At 3PM -0700 on 1/05/13 you (PaulM47) wrote:
> I have managed to set up a 'maildir' based mail system using fetchmail and procmail that delivers sorted mail to folders /var/spool/mail/user1, ../user2 etc. 'user1', 'user2' etc. are real users but the mail system is run under logged in user 'mailserver'. The mail folders are owned by 'user1', 'user2' etc. but mail files, when delivered, are owned by 'mailserver'. I've been unable to find a way to change this behaviour :-(
I'm not sure about the rest of your problem (I'd have to reread the documentation, since this isn't a setup I use myself, and you can do that as well as I), but this bit is straightforward. The only way for a process running as one uid (say, fetchmail running as mailserver) to create a file owned by another uid is to pass the data to some other process running either as the target uid or as root.
This means, to get the uids right (which I would strongly recommend), you need a daemon; fortunately, Dovecot provides an LMTP daemon which will do just fine. If you set up the Dovecot LMTP server, fetchmail will deliver to that quite happily, and the delivered mail files will then have the correct owners.
You haven't said what you're doing with procmail; if you're doing anything beyond arranging for the mail to go to the right user you will need to replace that filtering with sieve. Note that, if you really must, you can use the sieve-extprograms extension to deliver using procmail once the LMTP server has switched down to the right uid.
> Dovecot is configured by adding the single line 'mail_location = maildir:/var/spool/mail/%u' to 'dovecot.conf', everything else is as installed. When I make an imap connection as 'user1' the logon is successful, the mail files are moved from ../new/ to ../cur/ but are invisible to the imap client. If I 'chown' the mail files to 'user1' they instantly become visible to the imap client.
One thing to try is to run imap in preauth mode (see the wiki) under ktrace/strace/truss/whatever (as the right user, obviously), so you can see what it's trying to do and where it's failing.
Ben
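An added example, not part of the original thread or of Dovecot: a small audit that lists Maildir messages whose owner differs from the mailbox owner, the mismatch described above that makes delivered mail invisible to the IMAP login user. The function names and the sample mailbox are constructed for illustration; group-based access is not evaluated.

```python
import os
import stat
import tempfile


def audit_maildir(maildir, expected_uid=None):
    """Return sorted (path, owner_uid, mode) for messages not owned by the mailbox owner.

    expected_uid defaults to the owner of the maildir directory itself,
    which in the setup described above is the real user (user1, user2, ...).
    """
    if expected_uid is None:
        expected_uid = os.stat(maildir).st_uid
    findings = []
    for sub in ("new", "cur", "tmp"):
        folder = os.path.join(maildir, sub)
        if not os.path.isdir(folder):
            continue
        for entry in os.scandir(folder):
            st = entry.stat(follow_symlinks=False)
            if stat.S_ISREG(st.st_mode) and st.st_uid != expected_uid:
                findings.append((entry.path, st.st_uid, stat.S_IMODE(st.st_mode)))
    return sorted(findings)


def unreadable_by_owner(findings):
    """Findings without the world-read bit: the mailbox owner cannot open them."""
    return [f for f in findings if not f[2] & stat.S_IROTH]


def build_sample_maildir():
    """Constructed sample: a Maildir holding two private (0600) messages."""
    root = tempfile.mkdtemp(prefix="maildir-audit-")
    for sub in ("new", "cur", "tmp"):
        os.mkdir(os.path.join(root, sub))
    for sub, name in (("new", "1367500000.M1P1.host"),
                      ("cur", "1367500001.M2P2.host:2,S")):
        path = os.path.join(root, sub, name)
        with open(path, "w") as fh:
            fh.write("Subject: test\n\nbody\n")
        os.chmod(path, 0o600)
    return root


if __name__ == "__main__":
    box = build_sample_maildir()
    # Simulate the thread's situation by treating another uid as the mailbox owner.
    for path, uid, mode in audit_maildir(box, expected_uid=os.geteuid() + 1):
        print(f"{path}: owner uid {uid}, mode {mode:o}")
```

On a real server, call `audit_maildir("/var/spool/mail/user1")` with no `expected_uid` so the directory owner is used as the reference.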
On 03.05.2013 16:11, Ben Morrow wrote:
> I have managed to set up a 'maildir' based mail system using fetchmail and procmail that delivers sorted mail to folders /var/spool/mail/user1, ../user2 etc. 'user1', 'user2' etc. are real users but the mail system is run under logged in user 'mailserver'. The mail folders are owned by 'user1', 'user2' etc. but mail files, when delivered, are owned by 'mailserver'. I've been unable to find a way to change this behaviour
Why use procmail, fetchmail...? Go modern ways.
Normally it's mostly best to have one extra user vmail, group vmail.
Then use getmail with additional clamdscan and spamc, if you like, and at last "give" to dovecot deliver, which uses sieve, acl, quota.
i.e.
getmail.rc
[options]
verbose = 0
message_log = /var/log/getmail.log
read_all = false
delivered_to = false
delete = false

[retriever]
type = SimplePOP3Retriever
server = mail.beispiel.com
username = user@beispiel.com
password = .....

[filter-1]
allow_root_commands = True
type = Filter_classifier
path = /usr/bin/clamdscan
arguments = ("--stdout", "--no-summary", "-")
exitcodes_drop = (1, )

[filter-2]
allow_root_commands = True
type = Filter_external
path = /usr/bin/spamc
arguments = ("-s", "250000", "-u", "user1@server.com")

[destination]
type = MDA_external
path = /usr/lib/dovecot/deliver
arguments = ("-d", "user1@server.com")
user = vmail
group = vmail
minimum in dovecot.conf, something like

...
passdb {
  driver = passwd-file
  args = scheme=plain-md5 username_format=%n /etc/dovecot/imap.passwd
}
userdb {
  driver = passwd-file
  args = username_format=%n /etc/dovecot/imap.passwd
  default_fields = local_port=%a
}
...
imap.passwd
...
user1@server.com:{plain}pass:vmail:vmail::/usr/local/virtual/user1@server.com::userdb_mail=maildir:~/Maildir
user2@server.com:{plain}pass:vmail:vmail::/usr/local/virtual/user2@server.com::userdb_mail=maildir:~/Maildir
...

...
mkdir /usr/local/virtual/user1@server.com
mkdir /usr/local/virtual/user1@server.com/Maildir
..
chown -R vmail:vmail /usr/local/virtual/*
Note this is not copy-paste stuff; some things may be different on your server and distro!
Some blog (German only):
http://sys4.de/de/blog/2013/04/12/abholdienst-fur-mail/
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Registered office: München, District Court München: HRB 199263
Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the supervisory board: Florian Kirstein
Thanks for your replies, I'll need a bit of time to digest what you have suggested.