Postfix/dovecot: user unrecognized, file permissions being misread
Hello all. Have spent several days following the excellent tutorial:
http://www.binarytides.com/install-postfix-dovecot-debian/
but still fail to have the user recognized and am getting log entries that the mail directories are 0755 when I can clearly see that they are 0774.
Very puzzling, any help would be deeply appreciated.
Best regards, Andy
=========== Details ===========
• I can add directories under IMAP, so my IMAP login and permissions must be correct.
• I can create an outgoing message under IMAP, but clicking SEND just hangs. Logs do not indicate problem.
• I clearly can send it a message with smtp. The message is delivered to postfix, but then dovecot fails to deliver it to a mailbox.
------------------------------------ Log Entries ---------------------
# tail /var/log/mail
postfix/qmgr[16390]: 9D6E8C1A77: from=<alavarre@gmail.com>, size=2794, nrcpt=1 (queue active)
Message has been received
postfix/lmtp[16770]: C218DC197D: to=<alavarre@privustech.com>, relay=mail.privustech.com[private/lmtp], delay=2560, delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with mail.privustech.com[private/lmtp] timed out while receiving the initial server greeting)
lmtp is not working
------------------------------------
# tail /var/log/dovecot.log
auth-worker(16612): Info: pam(alavarre@privustech.com,98.179.190.111): unknown user
imap-login: Info: Login: user=<alavarre@privustech.com>, method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS, session=
imap(alavarre@privustech.com): Error: mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755)
However, the mail directory /var/mail/vhosts/privustech.com/alavarre is -rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot.
=========================
System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL authentication, connecting through a Unix socket:
/etc/postfix/main.cf:
virtual_transport = lmtp:unix:private/lmtp
/etc/dovecot/conf.d/10-master.cf:
service lmtp {
unix_listener /var/spool/postfix/private/lmtp {
mode = 0600
user = postfix
group = postfix
}
The lmtp socket is owned by postfix, while the mail system is owned by vmail, per the tutorial.
I am using virtual users (not system users) defined in /etc/dovecot/dovecot-users: alavarre@privustech.com:{plain}ksaj;flkasjd;ds;f
Thanks in advance, Andy
On 16-07-03 16:44:42, C. Andrews Lavarre wrote:
> Hello all. Have spent several days following the excellent tutorial:
> http://www.binarytides.com/install-postfix-dovecot-debian/
> but still fail to have the user recognized and am getting log entries that the mail directories are 0755 when I can clearly see that they are 0774.
> Very puzzling, any help would be deeply appreciated.
> Best regards, Andy
> =========== Details ===========
> • I can add directories under IMAP, so my IMAP login and permissions must be correct.
> • I can create an outgoing message under IMAP, but clicking SEND just hangs. Logs do not indicate problem.
> • I clearly can send it a message with smtp. The message is delivered to postfix, but then dovecot fails to deliver it to a mailbox.
> ------------------------------------ Log Entries ---------------------
> # tail /var/log/mail
> postfix/qmgr[16390]: 9D6E8C1A77: from=<alavarre@gmail.com>, size=2794, nrcpt=1 (queue active)
> Message has been received
> postfix/lmtp[16770]: C218DC197D: to=<alavarre@privustech.com>, relay=mail.privustech.com[private/lmtp], delay=2560, delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with mail.privustech.com[private/lmtp] timed out while receiving the initial server greeting)
> lmtp is not working
> # tail /var/log/dovecot.log
> auth-worker(16612): Info: pam(alavarre@privustech.com,98.179.190.111): unknown user
This could be a problem.
> imap-login: Info: Login: user=<alavarre@privustech.com>, method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS, session=
> imap(alavarre@privustech.com): Error: mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755)
> However, the mail directory /var/mail/vhosts/privustech.com/alavarre is -rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot.
I'm guessing vmail can't +w somewhere along the path of /var/mail/vhosts/etc...
> =========================
> System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL authentication, connecting through a Unix socket:
> /etc/postfix/main.cf:
> virtual_transport = lmtp:unix:private/lmtp
> /etc/dovecot/conf.d/10-master.cf:
> service lmtp {
> unix_listener /var/spool/postfix/private/lmtp {
> mode = 0600
> user = postfix
> group = postfix
> }
> The lmtp socket is owned by postfix, while the mail system is owned by vmail, per the tutorial.
> I am using virtual users (not system users) defined in /etc/dovecot/dovecot-users: alavarre@privustech.com:{plain}ksaj;flkasjd;ds;f
> Thanks in advance, Andy
doveconf -n would be helpful
Edgar Pettijohn
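The reply above guesses that vmail lacks +w somewhere along the mail path, and the Dovecot error names the directory it actually checked (owned by 0:0, mode 0755). As an added example that is not part of the thread, the following shell functions walk each path component and report the first one that blocks a given uid/gid; the function names are hypothetical, and the check assumes GNU stat, classic mode bits only (no ACLs or MAC policy) and the primary gid only.

```shell
#!/bin/sh
# Added example (not from the thread): find the first directory on a path that
# blocks a uid/gid. Classic mode bits only; supplementary groups are ignored.

# perm_digit OWNER_UID OWNER_GID MODE UID GID
# Prints the one octal digit (owner, group or other) that applies to UID/GID.
perm_digit() {
    local m
    m=$(printf '%04d' "$3")          # stat %a prints 755, 2755, 55 or 0
    if   [ "$4" -eq "$1" ]; then printf '%s\n' "$m" | cut -c2   # owner bits
    elif [ "$5" -eq "$2" ]; then printf '%s\n' "$m" | cut -c3   # group bits
    else                         printf '%s\n' "$m" | cut -c4   # other bits
    fi
}

# first_blocker TARGET UID GID [START]
# Walks from START (default /) down to TARGET. Each ancestor needs search
# permission (x = 1); TARGET itself needs w+x (3) so mkdir() inside it works.
# Prints the blocking directory and returns 1; returns 0 if nothing blocks.
first_blocker() {
    local target="${1%/}" uid="$2" gid="$3" cur="${4:-/}" rest part need digit
    [ "$uid" -eq 0 ] && return 0     # root bypasses mode bits
    [ "$cur" = / ] || cur="${cur%/}"
    rest="${target#"$cur"}"; rest="${rest#/}"
    while :; do
        set -- $(stat -c '%u %g %a' "$cur" 2>/dev/null)
        [ $# -eq 3 ] || { echo "cannot stat $cur"; return 2; }
        if [ -z "$rest" ]; then need=3; else need=1; fi
        digit=$(perm_digit "$1" "$2" "$3" "$uid" "$gid")
        if [ $(( digit & need )) -ne "$need" ]; then
            echo "$cur owned by $1:$2 mode=$3 blocks uid=$uid gid=$gid"
            return 1
        fi
        [ -n "$rest" ] || return 0
        part="${rest%%/*}"
        if [ "$part" = "$rest" ]; then rest=""; else rest="${rest#*/}"; fi
        cur="${cur%/}/$part"
    done
}

# Usage with the path and ids from the log line in this thread:
#   first_blocker /var/mail/vhosts/privustech.com/alavarre 5000 5000
```

Running it as root avoids false "cannot stat" results on directories the invoking user cannot search.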
On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> doveconf -n would be helpful
Thank you:
lavarre:/var/mail/vhosts/privustech.com # doveconf -n
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_mechanisms = plain login
auth_verbose = yes
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
passdb {
args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
driver = passwd-file
}
plugin {
sieve = ~/.dovecot.sieve
sieve_after = /var/mail/vmail/sieve-after
sieve_before = /var/mail/vmail/sieve-before
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service pop3-login {
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl = required
ssl_ca =
ssl_cert =
ssl_dh_parameters_length = 2048
ssl_key =
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
driver = static
}
verbose_ssl = yes
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = sieve
postmaster_address = postmaster@privustech.com
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
mail_max_userip_connections = 10
}
On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
> On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> > doveconf -n would be helpful
> Thank you:
> lavarre:/var/mail/vhosts/privustech.com # doveconf -n
> # 2.2.18: /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.8 (0c4ae064f307+)
> # OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
> auth_mechanisms = plain login
> auth_verbose = yes
> listen = *
> log_path = /var/log/dovecot.log
> mail_debug = yes
> mail_location = maildir:/var/mail/vhosts/%d/%n
> maildir_very_dirty_syncs = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
> namespace inbox {
> inbox = yes
> location =
> mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix =
> }
> passdb {
> driver = pam
> }
> passdb {
> args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
> driver = passwd-file
> }
Double check me, but I think you only want (1) passdb {} block.
> plugin {
> sieve = ~/.dovecot.sieve
> sieve_after = /var/mail/vmail/sieve-after
> sieve_before = /var/mail/vmail/sieve-before
> sieve_dir = ~/sieve
> }
> protocols = imap pop3 sieve
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0666
> user = postfix
> }
> }
> service imap-login {
> inet_listener imaps {
> port = 993
> ssl = yes
> }
> }
> service lmtp {
> unix_listener /var/spool/postfix/private/lmtp {
> group = postfix
> mode = 0600
> user = postfix
> }
> }
> service pop3-login {
> inet_listener pop3s {
> port = 995
> ssl = yes
> }
> }
> ssl = required
> ssl_ca =
> ssl_cert =
> ssl_dh_parameters_length = 2048
> ssl_key =
> ssl_options = no_compression
> ssl_prefer_server_ciphers = yes
> userdb {
> driver = passwd
> }
> userdb {
> args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
> driver = static
> }
Same here and make sure driver = "passdb driver".
> verbose_ssl = yes
> protocol lda {
> deliver_log_format = msgid=%m: %$
> mail_plugins = sieve
> postmaster_address = postmaster@privustech.com
> quota_full_tempfail = yes
> rejection_reason = Your message to <%t> was automatically rejected:%n%r
> }
> protocol imap {
> imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
> mail_max_userip_connections = 10
> }
I also noticed your certificate chain is broken.
http://wiki2.dovecot.org/TestInstallation
-- Edgar Pettijohn
Hello all. Thanks to Edgar for the below, but we still have a curiosity:
On Sun, 2016-07-03 at 17:31 -0500, Edgar Pettijohn wrote:
> On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
> > On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> > > doveconf -n would be helpful
> Double check me, but I think you only want (1) passdb {} block.
> ...
> Same here (userdb {)
Agree on both, thank you. There are a huge number of files expressing passdb { and userdb { but most are commented out. The undesirables were from conf.d/auth-system.conf.ext that I have now entirely commented out, since we are not using system users.
> (and make sure driver = "passdb driver".
Presumably this means in auth-passwd-file.conf.ext:
userdb { > driver = passdb driver
This was commented out. I changed it as you say, but it doesn't like it:
auth: Fatal: Unknown userdb driver 'passdb driver'
so I changed it back to
driver = passwd-file
Now we have no dovecot.log errors, except:
The reported error was "IMAP server said BYE: Disconnected: Auth process broken
Tomorrow is another day. I attach the
lavarre:/etc/dovecot # doveconf -n >lavarre-160705_conf.txt
Thank you again. Kind regards, Andy
Sent from my iPhone
On Jul 5, 2016, at 8:36 PM, C. Andrews Lavarre alavarre@gmail.com wrote:
> Hello all. Thanks to Edgar for the below, but we still have a curiosity:
> On Sun, 2016-07-03 at 17:31 -0500, Edgar Pettijohn wrote:
> > On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
> > > On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> > > > doveconf -n would be helpful
> > Double check me, but I think you only want (1) passdb {} block.
> > ...
> > Same here (userdb {)
> Agree on both, thank you. There are a huge number of files expressing passdb { and userdb { but most are commented out. The undesirables were from conf.d/auth-system.conf.ext that I have now entirely commented out, since we are not using system users.
> > (and make sure driver = "passdb driver".
> Presumably this means in auth-passwd-file.conf.ext:
> userdb { > driver = passdb driver
> This was commented out. I changed it as you say, but it doesn't like it:
> auth: Fatal: Unknown userdb driver 'passdb driver'
> so I changed it back to
> driver = passwd-file
Just meant to use the correct driver.
> Now we have no dovecot.log errors, except:
> The reported error was "IMAP server said BYE: Disconnected: Auth process broken
Make sure your passdb and userdb are formatted correctly and can be found where you are telling dovecot they are. Also make sure dovecot was compiled with passwd-file as an option. I think it is unless specifically removed, but double check.
> Tomorrow is another day. I attach the
> lavarre:/etc/dovecot # doveconf -n >lavarre-160705_conf.txt
> Thank you again. Kind regards, Andy
Edgar hello. Thanks again. Not sure of the protocol. Perhaps better to keep the entire thread complete, so here again is doveconf -n with the precedents:
lavarre:/var/mail/vhosts/privustech.com # doveconf -n
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_mechanisms = plain login
auth_verbose = yes
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
passdb {
args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
driver = passwd-file
}
plugin {
sieve = ~/.dovecot.sieve
sieve_after = /var/mail/vmail/sieve-after
sieve_before = /var/mail/vmail/sieve-before
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service pop3-login {
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl = required
ssl_ca =
ssl_cert =
ssl_dh_parameters_length = 2048
ssl_key =
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
driver = static
}
verbose_ssl = yes
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = sieve
postmaster_address = postmaster@privustech.com
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
mail_max_userip_connections = 10
}
participants (2): C. Andrews Lavarre, Edgar Pettijohn