[Dovecot] LDA Problem
Hi
I'm having a problem with dovecot deliver. I'm using a dovecot version 1.0.beta8. As I am using a chrooted (/var/spool/postfix) postfix (version: 2.2.10) with cyrus-sasl authentification (all working). Postfix config is changed according to the http://wiki.dovecot.org/LDA:
main.cf: mailbox_command = dovecot
master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
I have adopted the dovecot.conf also according to http://wiki.dovecot.org/LDA but changed the auth_socket_path to point into the chroot of postfix. I have attached my dovecot.conf at the end of this email.
The mails that are sent to the machine are not delivered at all. In the mail-logfile I can see the following error message for each mail that can't be deliverd:
postfix/pipe[21344]: BC254154E5BD: to=<root>, orig_to=<root>, relay=dovecot, delay=0, status=bounced (user unknown)
I've already search the net but could not find any clue how to solve this. Can anyone give me a hint what to do?
cu Alexander
dovecot.conf:
protocols = imap imaps listen = localhost ssl_listen = * first_valid_uid = 1000 first_valid_gid = 1000 mail_extra_groups = mail mail_save_crlf = no default_mail_env = maildir:/var/mail/%u protocol imap { } protocol lda { postmaster_address = postmaster@domain.com auth_socket_path = /var/spool/postfix/var/run/dovecot-auth-master } log_timestamp = "%Y-%m-%d %H:%M:%S " ssl_disable = no ssl_cert_file = /etc/ssl/certs/executor.pem ssl_key_file = /etc/ssl/private/executor.key ssl_cipher_list = HIGH:MEDIUM auth default { mechanisms = plain passdb pam { } userdb passwd { } user = root socket listen { master { path = /var/spool/postfix/var/run/dovecot-auth-master mode = 0660 user = dovecot group = mail }
client {
path = /var/spool/postfix/var/run/dovecot-auth-client
mode = 0660
user = dovecot
group = mail
}
}} }
Hi Alexander,
First, tell me one thing. What kind of mail users do you have?
Real, system users in /etc/passwd or virtual users in other db?
Regards, Dumitru
Alexander Dreweke wrote:
Hi
I'm having a problem with dovecot deliver. I'm using a dovecot version 1.0.beta8. As I am using a chrooted (/var/spool/postfix) postfix (version: 2.2.10) with cyrus-sasl authentification (all working). Postfix config is changed according to the http://wiki.dovecot.org/LDA:
main.cf: mailbox_command = dovecot
master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
I have adopted the dovecot.conf also according to http://wiki.dovecot.org/LDA but changed the auth_socket_path to point into the chroot of postfix. I have attached my dovecot.conf at the end of this email.
The mails that are sent to the machine are not delivered at all. In the mail-logfile I can see the following error message for each mail that can't be deliverd:
postfix/pipe[21344]: BC254154E5BD: to=<root>, orig_to=<root>, relay=dovecot, delay=0, status=bounced (user unknown)
I've already search the net but could not find any clue how to solve this. Can anyone give me a hint what to do?
cu Alexander
dovecot.conf:
protocols = imap imaps listen = localhost ssl_listen = * first_valid_uid = 1000 first_valid_gid = 1000 mail_extra_groups = mail mail_save_crlf = no default_mail_env = maildir:/var/mail/%u protocol imap { } protocol lda { postmaster_address = postmaster@domain.com auth_socket_path = /var/spool/postfix/var/run/dovecot-auth-master } log_timestamp = "%Y-%m-%d %H:%M:%S " ssl_disable = no ssl_cert_file = /etc/ssl/certs/executor.pem ssl_key_file = /etc/ssl/private/executor.key ssl_cipher_list = HIGH:MEDIUM auth default { mechanisms = plain passdb pam { } userdb passwd { } user = root socket listen { master { path = /var/spool/postfix/var/run/dovecot-auth-master mode = 0660 user = dovecot group = mail }
client { path = /var/spool/postfix/var/run/dovecot-auth-client mode = 0660 user = dovecot group = mail } }} }
Hi
First, tell me one thing. What kind of mail users do you have? Real, system users in /etc/passwd or virtual users in other db?
Only system users. No virtual users, and no virtual domains.
cu Alexander
I'm having a problem with dovecot deliver. I'm using a dovecot version 1.0.beta8. As I am using a chrooted (/var/spool/postfix) postfix (version: 2.2.10) with cyrus-sasl authentification (all working). Postfix config is changed according to the http://wiki.dovecot.org/LDA:
main.cf: mailbox_command = dovecot
master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
I have adopted the dovecot.conf also according to http://wiki.dovecot.org/LDA but changed the auth_socket_path to point into the chroot of postfix. I have attached my dovecot.conf at the end of this email.
The mails that are sent to the machine are not delivered at all. In the mail-logfile I can see the following error message for each mail that can't be deliverd:
postfix/pipe[21344]: BC254154E5BD: to=<root>, orig_to=<root>, relay=dovecot, delay=0, status=bounced (user unknown)
I've already search the net but could not find any clue how to solve this. Can anyone give me a hint what to do?
cu Alexander
dovecot.conf:
protocols = imap imaps listen = localhost ssl_listen = * first_valid_uid = 1000 first_valid_gid = 1000 mail_extra_groups = mail mail_save_crlf = no default_mail_env = maildir:/var/mail/%u protocol imap { } protocol lda { postmaster_address = postmaster@domain.com auth_socket_path = /var/spool/postfix/var/run/dovecot-auth-master } log_timestamp = "%Y-%m-%d %H:%M:%S " ssl_disable = no ssl_cert_file = /etc/ssl/certs/executor.pem ssl_key_file = /etc/ssl/private/executor.key ssl_cipher_list = HIGH:MEDIUM auth default { mechanisms = plain passdb pam { } userdb passwd { } user = root socket listen { master { path = /var/spool/postfix/var/run/dovecot-auth-master mode = 0660 user = dovecot group = mail }
client { path = /var/spool/postfix/var/run/dovecot-auth-client mode = 0660 user = dovecot group = mail } }} }
--
Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer
Hi,
OK, bellow are my suggestions.
Alexander Dreweke wrote:
Hi
First, tell me one thing. What kind of mail users do you have? Real, system users in /etc/passwd or virtual users in other db?
Only system users. No virtual users, and no virtual domains.
cu Alexander
I'm having a problem with dovecot deliver. I'm using a dovecot version 1.0.beta8. As I am using a chrooted (/var/spool/postfix) postfix (version: 2.2.10) with cyrus-sasl authentification (all working). Postfix config is changed according to the http://wiki.dovecot.org/LDA:
main.cf: mailbox_command = dovecot mailbox_command =/usr/lib/dovecot/deliver
master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
This is a virtual transport for virtual domains/users. You don't need this, so you can comment it out.
I have adopted the dovecot.conf also according to http://wiki.dovecot.org/LDA but changed the auth_socket_path to point into the chroot of postfix. I have attached my dovecot.conf at the end of this email.
The mails that are sent to the machine are not delivered at all. In the mail-logfile I can see the following error message for each mail that can't be deliverd:
postfix/pipe[21344]: BC254154E5BD: to=<root>, orig_to=<root>, relay=dovecot, delay=0, status=bounced (user unknown)
I've already search the net but could not find any clue how to solve this. Can anyone give me a hint what to do?
cu Alexander
dovecot.conf:
protocols = imap imaps listen = localhost ssl_listen = * first_valid_uid = 1000 first_valid_gid = 1000 mail_extra_groups = mail mail_save_crlf = no default_mail_env = maildir:/var/mail/%u protocol imap { } protocol lda { postmaster_address = postmaster@domain.com auth_socket_path = /var/spool/postfix/var/run/dovecot-auth-master
From Postfix documentation:
# The mailbox_command parameter specifies the optional external # command to use instead of mailbox delivery. The command is run as # the recipient with proper HOME, SHELL and LOGNAME environment settings So, I think you can use default location here. You don't need to put this in postfix jail. auth_socket_path = /var/run/dovecot-auth-master
} log_timestamp = "%Y-%m-%d %H:%M:%S " ssl_disable = no ssl_cert_file = /etc/ssl/certs/executor.pem ssl_key_file = /etc/ssl/private/executor.key ssl_cipher_list = HIGH:MEDIUM I suggest you this:
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain
## ## dovecot-lda specific settings ## socket listen { master { path = /var/run/dovecot-auth-master mode = 0660 user = dovecot # User running Dovecot LDA group = mail # Or alternatively mode 0660 + LDA user in this group } }
What is bellow looks like configuration for SASL part of Dovecot. If you are already using cyrus-sasl, this should be commented.
auth default { mechanisms = plain passdb pam { } userdb passwd { } user = root socket listen { master { path = /var/spool/postfix/var/run/dovecot-auth-master mode = 0660 user = dovecot group = mail }
client { path = /var/spool/postfix/var/run/dovecot-auth-client mode = 0660 user = dovecot group = mail } } } }
Let me know if this helped you.
Regards, Dumitru
Hi
I've changed the mailbox_command in main.cf to mailbox_command =/usr/lib/dovecot/deliver and therefore commented the dovecot part in the master.cf out. And I've changed the dovecot.conf as you have suggested (sockets are no longer in the postfix chroot and the dovecot sasl configuration part is commented out). But now i've got the problem that postfix tells me:
postfix/local[26339]: warning: connect #2 to subsystem private//usr/lib/dovecot/deliver: No such file or director
This is the reason why I tried the configuration for virtual domains form the dovecot wiki.
In the postfix chroot the sockets all are located in private/. Now that the dovecot director is commented out in master.cf there is no such director socket.
Any more suggestions?
cu Alexander
Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer
Maybe this is not important, but I mistyped this line. Should be mailbox_command = /usr/lib/dovecot/deliver
instead of mailbox_command =/usr/lib/dovecot/deliver
Don't forget to reload postfix config after changes.
And you should put correct path to deliver instead of /usr/lib/dovecot/deliver. This is default location on my Debian server.
Regards, Dumitru
Alexander Dreweke wrote:
Hi
I've changed the mailbox_command in main.cf to mailbox_command =/usr/lib/dovecot/deliver and therefore commented the dovecot part in the master.cf out. And I've changed the dovecot.conf as you have suggested (sockets are no longer in the postfix chroot and the dovecot sasl configuration part is commented out). But now i've got the problem that postfix tells me:
postfix/local[26339]: warning: connect #2 to subsystem private//usr/lib/dovecot/deliver: No such file or director
This is the reason why I tried the configuration for virtual domains form the dovecot wiki.
In the postfix chroot the sockets all are located in private/. Now that the dovecot director is commented out in master.cf there is no such director socket.
Any more suggestions?
cu Alexander
Hi
Maybe this is not important, but I mistyped this line. Should be mailbox_command = /usr/lib/dovecot/deliver instead of mailbox_command =/usr/lib/dovecot/deliver Don't forget to reload postfix config after changes.
I've checked the config line again and reloaded the postfix server.
And you should put correct path to deliver instead of /usr/lib/dovecot/deliver. This is default location on my Debian server. On my Debian server too. :-)
Ok. Now postfix finds dovecot deliver (juhuuu) thanks a lot. But another problem arose. :( I get the following error messages:
postfix/local[2051]: BD01D154E5C5: to=<root>, orig_to=<root>, relay=local, delay=20703, status=deferred (temporary failure) deliver: mkdir(/var/mail/nobody/cur) failed: Permission denied deliver: stat(/root/.dovecot.sieve) failed: Permission denied deliver: mkdir(/var/mail/nobody/cur) failed: Permission denied
For testig purpose I replaced the /usr/lib/dovecot/deliver program with a shell script that shows me the given parameters and the set environment: MAIL_CONFIG=/etc/postfix SENDER=root@domain.ca RECIPIENT=root@domain.ca SHELL=/bin/bash USER=root LOCAL=root PATH=/usr/bin:/bin PWD=/var/spool/postfix DOMAIN=domain.ca SHLVL=1 HOME=/root LOGNAME=root
So it seems that all necessary environment variables are set by postfix. But then I can't understand why deliver tries to create /var/mail/nobody instead of /var/mail/root.
Can you help me with this one too?
cu Alexander
Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer
Hi,
============================ Quotation from http://www.postfix.org/postconf.5.html#mailbox_command
mailbox_command (default: empty)
Optional external command that the local(8) delivery agent should use for mailbox delivery. The command is run with the user ID and the primary group ID privileges of the recipient. Exception: command delivery for root executes with $default_privs privileges. This is not a problem, because 1) mail for root should always be aliased to a real user and 2) don't log in as root, use "su" instead.
default_privs (default: nobody)
The default rights used by the local(8) delivery agent for delivery to external file or command. These rights are used when delivery is requested from an aliases(5) file that is owned by root, or when delivery is done on behalf of root. DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
So,
I recommend you to make an mail alias to root account. Edit /etc/aliases and add a line like this: root: somerealuser Save changes and run command newaliases.
Try to change access rights on /var/mail to 777. This should solve "Permission denied" problem.
Regards, Dumitru
Alexander Dreweke wrote:
Hi
Maybe this is not important, but I mistyped this line. Should be mailbox_command = /usr/lib/dovecot/deliver instead of mailbox_command =/usr/lib/dovecot/deliver Don't forget to reload postfix config after changes.
I've checked the config line again and reloaded the postfix server.
And you should put correct path to deliver instead of /usr/lib/dovecot/deliver. This is default location on my Debian server.
On my Debian server too. :-)
Ok. Now postfix finds dovecot deliver (juhuuu) thanks a lot. But another problem arose. :( I get the following error messages:
postfix/local[2051]: BD01D154E5C5: to=<root>, orig_to=<root>, relay=local, delay=20703, status=deferred (temporary failure) deliver: mkdir(/var/mail/nobody/cur) failed: Permission denied deliver: stat(/root/.dovecot.sieve) failed: Permission denied deliver: mkdir(/var/mail/nobody/cur) failed: Permission denied
For testig purpose I replaced the /usr/lib/dovecot/deliver program with a shell script that shows me the given parameters and the set environment: MAIL_CONFIG=/etc/postfix SENDER=root@domain.ca RECIPIENT=root@domain.ca SHELL=/bin/bash USER=root LOCAL=root PATH=/usr/bin:/bin PWD=/var/spool/postfix DOMAIN=domain.ca SHLVL=1 HOME=/root LOGNAME=root
So it seems that all necessary environment variables are set by postfix. But then I can't understand why deliver tries to create /var/mail/nobody instead of /var/mail/root.
Can you help me with this one too?
cu Alexander
Hi
thx. That did the trick. Now everything works fine.
cu, Alexander
Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer
participants (3)
-
Alexander Dreweke
-
Alexander Dreweke
-
Dumitru Negara