[Dovecot] need help with dovecot-lda
Hello all!
Some month ago I upgraded our dovecot installation from version 1.0.5 to version 2.1.7 without having any trouble. Postfix is delivering email directly per virtual transport to the maildirs and mailboxes of the users in /var/spool/vhosts/domains/....
Now I want to use dovecot-lda and created a new entry in the master.cf of postfix.
dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient}
It is not clear to me, how the dovecot-lda is started bei dovecot and you it finds the socket dovecot postfix created.
The dovecot.conf looks like this;
2.1.7: /etc/dovecot/dovecot.conf
OS: Linux 2.6.22.5-31-bigsmp i686 openSUSE 10.3 (i586) ext3
auth_verbose = yes disable_plaintext_auth = no log_path = /var/log/dovecot1
mail_location = mbox:/var/spool/vhosts/%d/dovecotprivate/%n:INBOX=/var/spool/vhosts/%d/%n
!include /etc/dovecot/conf.d/*.conf
passdb { args = /etc/dovecot/passwd driver = passwd-file } userdb { args = /etc/dovecot/passwd driver = passwd-file }
ssl_cert = < /etc/dovecot/ssl/hostcert.pem ssl_key = < /etc/dovecot/ssl/hostkey.pem #verbose_ssl = yes
plugin { quota = maildir:User quota quota_rule = *:storage=500MB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% # 20% of 1GB = 200MB # quota_rule3 = Spam:storage=+20%%
autocreate = Trash
autocreate2 = Drafts
autocreate3 = Sent
autosubscribe = Trash
autosubscribe2 = Drafts
autosubscribe3 = Sent}
I set soft_bounce = yes in main.cf of postfix and delivery of mail fails with
Dec 14 16:13:34 delta postfix/virtual[14082]: BBC0F1B31294: to=<xyz@anup.de>, relay=virtual, delay=395, delays=395/0.01/0/0.13, dsn=4.1.1, status=SOFTBOUNCE (unknown user: "xyz@anup.de")
This is the relevant part of the main.cf:
dovecot_destination_recipient_limit = 1
virtual_mailbox_domains = anup.de bit-corner.de bitcorner.de baubetreuung-meyer.de saxelektro.de virtual_mailbox_base = /var/spool/vhosts #virtual_mailbox_maps = hash:/etc/postfix/vmailbox #virtual_minimum_uid = 100 #virtual_uid_maps = static:5000 #virtual_gid_maps = static:5000 virtual_mailbox_limit = 524288000 virtual_transport = dovecot
I don't get it right. As far as I understand postfix uses virtual_transport = dovecot and hands the mail over to the socket dovecot. But how does dovecot know where to look for the socket. I am missing somthing but don't know what.
Any help is appreciated!
Andreas
At 5PM +0100 on 14/12/12 Andreas Meyer wrote:
The process listening on that 'dovecot' pipe is a Postfix pipe(8) process. When a delivery request comes in from elsewhere in Postfix, it invokes /usr/libexec/dovecot/dovecot-lda as a new child process. This new lda process will contact the dovecot-auth service if it needs to, but is otherwise not connected to the running Dovecot server at all.
If you want Dovecot to listen for deliveries (which has some efficiency advantages), you want to use LMTP.
What happens if you run
echo "foo" | /usr/libexec/dovecot/dovecot-lda \
-f xyz@anup.de -d xyz@anup.dein the shell (as the vmail user)? Does it fail with exit code 67? This is EX_NOUSER, and is the standard way for LDAs to signal 'I don't know how to deliver to this user'. Either xyz@anup.de is not a valid address at that domain, or you haven't made the auth-userdb socket available to the vmail user. See http://wiki2.dovecot.org/LDA, under the section 'Virtual users'.
Ben
Hello!
Ben Morrow <ben@morrow.me.uk> wrote:
I did this in the shell:
delta:/ # su vmail delta:/ # whoami root delta:/ # echo "test" | /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
and the mail was delivered to the mailbox without error. Maybe the vmail user is the problem? When I send an email from my desktop I get this in the mail.log: Dec 14 21:19:42 delta postfix/virtual[16185]: A6E511B3128A: to=<anmeyer@anup.de>, relay=virtual, delay=0.15, delays=0.08/0.01/0/0.06, dsn=4.1.1, status=SOFTBOUNCE (unknown user: "anmeyer@anup.de")
The line of the /etc/shadow for vmail looks like this: vmail::13940:0:99999:7:::
Why is root not switching to vmail? May vmail be the problem?
delta:/ # id vmail uid=110(vmail) gid=110(vmail) Gruppen=110(vmail)
Andreas
At 9PM +0100 on 14/12/12 Andreas Meyer wrote:
So su didn't work. That's often the case with daemon users, because they often don't have a login shell. Read the manpage for your system's su to find out if you can override that, and how (I can't help you here, since your su is probably different from mine). You may have more luck with sudo, if you've got it installed.
That is delivered to 'anmayer@anup.de', which looks a lot more like a real address than 'xyz@anup.de'.
So it's likely the vmail user can't read the userdb; do you not get any logs from dovecot-lda? (You may not if Dovecot is using custom logs rather than syslog, and vmail doesn't have write access.)
The line of the /etc/shadow for vmail looks like this: vmail::13940:0:99999:7:::
How is that relevant? AFAIK the login shell lives in /etc/passwd on shadow-password systems.
At 11AM +0100 on 15/12/12 Andreas Meyer wrote:
That command-line attempts to run 'echo "foo"' as the vmail user, and dovecot-lda as root (and I don't know if the arguments to su are correct; on my system they wouldn't be). You *really* need to learn how to use your operating system before you try anything relatively complicated like setting up a mail server.
You're supposed to understand the comments and then remove them, not copy them blindly without reading them.
Well, that looks OK to me; but the only way to test it is to manually run dovecot-lda as vmail. Is there an auth-userdb socket in your dovecot sockets directory? Does it have the right permissions?
Yes, you are misunderstanding something. It works (something) like this:
- A mail comes in to Postfix.
- Postfix decides this mail is local.
- Postfix sends the mail through /var/spool/postfix/private/dovecot
to a Postfix pipe(8) process on the other end.
- That pipe(8) process runs dovecot-lda, as the vmail user.
- dovecot-lda reads dovecot.conf.
- dovecot-lda contacts the Dovecot auth process using the
auth-userdb socket.
- If the user exists, it delivers the mail to their mailbox.No Dovecot process needs to know anything at all about the Postfix socket, it's just for internal communication between different bits of Postfix. Have you read the Postfix documentation?
I am lost. I don't if the mail is handed over to dovecot-lda and if so why it can't find the passwd-file.
If the mail was handed over to dovecot-lda, it ought to be logging *something*. Find out where those logs should go; if they aren't appearing, you need to fix that. Syslog is IMHO a better bet than custom log files.
Ben
Hello!
That's ok, I'll remove the comments. But there is no auth-userdb socket in the sockets directtory of dovecot.
No, no such socket in /var/run/dovecot
ll
insgesamt 4 srwxrwxrwx 1 root root 0 8. Jun 2012 dict-server drwxr-x--- 2 root dovecot 4096 22. Jun 19:58 login
Thank you for that explanation!
I have a dovecot-lda-errors.log and a dovecot-lda.log
cat dovecot-lda-errors.log
Dec 14 23:28:20 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory Dec 14 23:28:20 lda: Fatal: Internal error occurred. Refer to server log for more information.
echo "foo" | /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
cat dovecot-lda.log
Dec 14 21:04:07 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:16:46 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:18:25 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:20:44 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 14 21:58:13 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:14:50 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:14:59 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:24:19 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 10:24:27 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:14:58 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:26:01 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 11:26:11 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Dec 15 14:07:40 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX'
So the question is how do I get this auth-userdb socket?
Ben
Andreas
Andreas Meyer <anmeyer@anup.de> wrote:
I just found out the sockets of dovecot reside in /usr/var/run/dovecot
ll
insgesamt 16 srw------- 1 root root 0 15. Dez 11:14 anvil srw------- 1 root root 0 15. Dez 11:14 anvil-auth-penalty srw------- 1 root root 0 15. Dez 11:14 auth-client srw------- 1 dovecot root 0 15. Dez 11:14 auth-login srw------- 1 root root 0 15. Dez 11:14 auth-master srw------- 1 vmail vmail 0 15. Dez 11:14 auth-userdb srw------- 1 dovecot root 0 15. Dez 11:14 auth-worker srw------- 1 root root 0 15. Dez 11:14 config srw------- 1 root root 0 15. Dez 11:14 dict srw------- 1 root root 0 15. Dez 11:14 director-admin srw-rw-rw- 1 root root 0 15. Dez 11:14 dns-client srw------- 1 root root 0 15. Dez 11:14 doveadm-server lrwxrwxrwx 1 root root 29 15. Dez 11:14 dovecot.conf -> /usr/etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 4096 8. Jun 2012 empty srw-rw-rw- 1 root root 0 15. Dez 11:14 indexer srw------- 1 dovecot root 0 15. Dez 11:14 indexer-worker srw------- 1 root root 0 15. Dez 11:14 ipc srw-rw-rw- 1 root root 0 15. Dez 11:14 lmtp srw------- 1 root root 0 15. Dez 11:14 log-errors drwxr-x--- 2 root dovenull 4096 15. Dez 11:14 login -rw------- 1 root root 6 15. Dez 11:14 master.pid -rw-r--r-- 1 root root 37 15. Dez 11:14 mounts srw------- 1 root root 0 15. Dez 11:14 replication-notify prw------- 1 root root 0 15. Dez 11:14 replication-notify-fifo srw------- 1 dovecot root 0 15. Dez 11:14 replicator srw------- 1 root root 0 15. Dez 11:14 stats prw------- 1 root root 0 15. Dez 11:14 stats-mail
the auth-userdb is there and vmail is the owner. What problem do I have that dovecot-lda does not find the users?
Andreas
At 2PM +0100 on 15/12/12 Andreas Meyer wrote:
If I were to ask 'is anything listening on those sockets?' is there any chance you could answer that?
<snip>
At 2PM +0100 on 15/12/12 Andreas Meyer wrote:
I just found out the sockets of dovecot reside in /usr/var/run/dovecot
OK, that's... a little bizarre.
That's not where dovecot-lda is looking, at least not according to the log above. Is the vmail user able to read dovecot.conf? Do you have more than one dovecot.conf, with different settings in? I would ask you to run
doveconf -m lda base_dir auth_socket_pathas the vmail user, but I'm not convinced you know how.
Ben
Ben Morrow <ben@morrow.me.uk> wrote:
Nothing is listening on /var/run/dovecot. It must be a relict from the old version 1.x
netstat -lnp |grep dovecot
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 25542/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 25542/dovecot
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 25542/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 25542/dovecot
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 25542/dovecot
tcp 0 0 :::993 :::* LISTEN 25542/dovecot
tcp 0 0 :::995 :::* LISTEN 25542/dovecot
tcp 0 0 :::110 :::* LISTEN 25542/dovecot
tcp 0 0 :::143 :::* LISTEN 25542/dovecot
tcp 0 0 :::4190 :::* LISTEN 25542/dovecot
unix 2 [ ACC ] STREAM HÖRT 3425398 24015/master private/dovecot
unix 2 [ ACC ] STREAM HÖRT 3441242 25542/dovecot /usr/var/run/dovecot/login/sieve
unix 2 [ ACC ] STREAM HÖRT 3441249 25542/dovecot /usr/var/run/dovecot/login/ssl-params
unix 2 [ ACC ] STREAM HÖRT 3441260 25542/dovecot /usr/var/run/dovecot/login/pop3
unix 2 [ ACC ] STREAM HÖRT 3441278 25542/dovecot /usr/var/run/dovecot/login/ipc-proxy
unix 2 [ ACC ] STREAM HÖRT 3441288 25542/dovecot /usr/var/run/dovecot/login/imap
unix 2 [ ACC ] STREAM HÖRT 3441302 25542/dovecot /usr/var/run/dovecot/login/dns-client
unix 2 [ ACC ] STREAM HÖRT 3441316 25542/dovecot /usr/var/run/dovecot/login/login
unix 2 [ ACC ] STREAM HÖRT 3441246 25542/dovecot /usr/var/run/dovecot/stats
unix 2 [ ACC ] STREAM HÖRT 3441253 25542/dovecot /usr/var/run/dovecot/replicator
unix 2 [ ACC ] STREAM HÖRT 3441257 25542/dovecot /usr/var/run/dovecot/replication-notify
unix 2 [ ACC ] STREAM HÖRT 3441268 25542/dovecot /usr/var/run/dovecot/log-errors
unix 2 [ ACC ] STREAM HÖRT 3441272 25542/dovecot /usr/var/run/dovecot/lmtp
unix 2 [ ACC ] STREAM HÖRT 3441276 25542/dovecot /usr/var/run/dovecot/ipc
unix 2 [ ACC ] STREAM HÖRT 3441282 25542/dovecot /usr/var/run/dovecot/indexer-worker
unix 2 [ ACC ] STREAM HÖRT 3441286 25542/dovecot /usr/var/run/dovecot/indexer
unix 2 [ ACC ] STREAM HÖRT 3441296 25542/dovecot /usr/var/run/dovecot/doveadm-server
unix 2 [ ACC ] STREAM HÖRT 3441300 25542/dovecot /usr/var/run/dovecot/dns-client
unix 2 [ ACC ] STREAM HÖRT 3441306 25542/dovecot /usr/var/run/dovecot/director-admin
unix 2 [ ACC ] STREAM HÖRT 3441310 25542/dovecot /usr/var/run/dovecot/dict
unix 2 [ ACC ] STREAM HÖRT 3441314 25542/dovecot /usr/var/run/dovecot/config
unix 2 [ ACC ] STREAM HÖRT 3441320 25542/dovecot /usr/var/run/dovecot/auth-login
unix 2 [ ACC ] STREAM HÖRT 3441324 25542/dovecot /usr/var/run/dovecot/auth-client
unix 2 [ ACC ] STREAM HÖRT 3441328 25542/dovecot /usr/var/run/dovecot/auth-userdb
unix 2 [ ACC ] STREAM HÖRT 3441332 25542/dovecot /usr/var/run/dovecot/auth-master
unix 2 [ ACC ] STREAM HÖRT 3441336 25542/dovecot /usr/var/run/dovecot/auth-worker
unix 2 [ ACC ] STREAM HÖRT 3441340 25542/dovecot /usr/var/run/dovecot/anvil
unix 2 [ ACC ] STREAM HÖRT 3441344 25542/dovecot /usr/var/run/dovecot/anvil-auth-penalty
I can run it as root but not as vmail
su vmail doveconf -m lda base_dir auth_socket_path
/usr/bin/doveconf: /usr/bin/doveconf: cannot execute binary file
doveconf -m lda base_dir auth_socket_path
base_dir = /usr/var/run/dovecot auth_socket_path = auth-userdb
You are great! So the problem is dovecot-lda does not find the sockets. Can I tell it to look in /usr/var/run/dovecot?
Ben
Andreas
Ben Morrow <ben@morrow.me.uk> wrote:
I managed to su to vmail by giving it a shell.
su - vmail
vmail@delta:~> doveconf -m lda base_dir auth_socket_path base_dir = /usr/var/run/dovecot auth_socket_path = auth-userdb
But I don't know how to tell dovecot-lda to listen on sockets in /usr/var/run/dovecot
Ben
Andreas
Ben Morrow <ben@morrow.me.uk> wrote:
hm, what does dovecot-lda do? I think it tries to connect to /usr/var/run/dovecot/auth-userdb ?
vmail@delta:~> echo "foo" | /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
The email with body foo in it is delivered to the mailbox. Dec 15 16:37:27 lda(anmeyer@anup.de): Info: sieve: msgid=unspecified: stored mail into mailbox 'INBOX'
Sending an email from the desktop results in the same error:
mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- CB9771B3025F 559 Sat Dec 15 16:39:48 anmeyer@anup.de (unknown user: "anmeyer@anup.de") anmeyer@anup.de
I looked at the makefiles in the sources of the installed version of dovecot and found that dovecot-lda is like everything compiled with localstatedir = ${prefix}/var rundir = ${prefix}/var/run/dovecot statedir = ${prefix}/var/lib/dovecot where prefix = /usr
I don't know why dovecot-lda is not connecting? to /usr/var/run/dovecot/auth-userdb and instead uses /var/run/dovecot. I delete /var/run/dovecot meanwhile.
Ben
Andreas
Andreas Meyer wrote:
Try to trace the open syscalls of dovecot-lda and its children:
strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
This should give you an idea about which files dovecot-lda really tries to open.
Regards Daniel
Hello!
Daniel Parthey <daniel.parthey@informatik.tu-chemnitz.de> wrote:
strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
open("/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/i686/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/libdovecot-lda.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libdovecot-storage.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libdovecot.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 open("/lib/libc.so.6", O_RDONLY) = 3 open("/usr/lib/dovecot/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/librt.so.1", O_RDONLY) = 3 open("/usr/lib/dovecot/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = 3 open("/usr/lib/dovecot/libcrypto.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libcrypto.so.0.9.8", O_RDONLY) = 3 open("/usr/lib/dovecot/libz.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libz.so.1", O_RDONLY) = 3 open("/usr/lib/dovecot/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libdl.so.2", O_RDONLY) = 3 open("/lib/libpthread.so.0", O_RDONLY) = 3 open("/var/log/dovecot-lda-errors.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 6 open("/var/log/dovecot-lda.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 7 open("/usr/lib/dovecot", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 8 open("/usr/lib/dovecot/lib90_sieve_plugin.so", O_RDONLY) = 8 open("/usr/lib/dovecot/libdovecot-sieve.so.0", O_RDONLY) = 8 open("/var/log/dovecot-lda-errors.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 6 open("/var/log/dovecot-lda.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 7
This should give you an idea about which files dovecot-lda really tries to open.
Can't really say there is something wrong. It seems to find everything it is looking for.
Regards Daniel
Andreas
Andreas Meyer wrote:
Of course you will need to deliver a mail via stdin. Otherwise dovecot-lda will stall and wait for input, it doesn't even try to connect to auth-userdb.
This might work:
echo "foo" | strace -f -eopen /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
Regards Daniel
Andreas Meyer wrote:
You can also replace the -eopen with -efile to trace all file syscalls.
echo "foo" | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
Daniel Parthey <daniel.parthey@informatik.tu-chemnitz.de> wrote:
echo "foo" | strace -f -efile /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
execve("/usr/libexec/dovecot/dovecot-lda", ["/usr/libexec/dovecot/dovecot-lda", "-f", "anmeyer@anup.de", "-d", "anmeyer@anup.de"], [/* 57 vars */]) = 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/i686/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/tls/i686/sse2", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/i686/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/tls/i686", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/tls/sse2", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/tls/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/tls", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/i686/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/i686/sse2", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/i686/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/i686", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/sse2/libdovecot-lda.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/dovecot/sse2", 0xbf901578) = -1 ENOENT (No such file or directory) open("/usr/lib/dovecot/libdovecot-lda.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libdovecot-storage.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libdovecot.so.0", O_RDONLY) = 3 open("/usr/lib/dovecot/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 open("/lib/libc.so.6", O_RDONLY) = 3 open("/usr/lib/dovecot/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/librt.so.1", O_RDONLY) = 3 open("/usr/lib/dovecot/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = 3 open("/usr/lib/dovecot/libcrypto.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/libcrypto.so.0.9.8", O_RDONLY) = 3 open("/usr/lib/dovecot/libz.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libz.so.1", O_RDONLY) = 3 open("/usr/lib/dovecot/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libdl.so.2", O_RDONLY) = 3 open("/lib/libpthread.so.0", O_RDONLY) = 3 open("/var/log/dovecot-lda-errors.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 8 open("/var/log/dovecot-lda.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 9 open("/usr/lib/dovecot", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 10 open("/usr/lib/dovecot/lib90_sieve_plugin.so", O_RDONLY) = 10 open("/usr/lib/dovecot/libdovecot-sieve.so.0", O_RDONLY) = 10 open("/var/log/dovecot-lda-errors.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 8 open("/var/log/dovecot-lda.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0600) = 9 chdir("/var/spool/vhosts/anup.de/anmeyer") = 0 stat64("/var/spool/vhosts/anup.de/anmeyer", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 open("/etc/localtime", O_RDONLY) = 11 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0 lstat64("/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve", {st_mode=S_IFLNK|0777, st_size=25, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/.dovecot.sieve", {st_mode=S_IFREG|0600, st_size=111, ...}) = 0 open("/var/spool/vhosts/anup.de/anmeyer/.dovecot.svbin", O_RDONLY|O_LARGEFILE) = 11 stat64("/var/spool/vhosts/anup.de/anmeyer/tmp", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 open("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log", O_RDWR|O_LARGEFILE) = 12 open("/var/spool/vhosts/anup.de/anmeyer/dovecot.index", O_RDWR|O_LARGEFILE) = 13 open("/var/spool/vhosts/anup.de/anmeyer/tmp/1355597452.M328355P30049.delta", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_LARGEFILE, 0777) = 14 open("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.cache", O_RDWR|O_LARGEFILE) = 15 lstat64("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist.lock", 0xbf90145c) = -1 ENOENT (No such file or directory) open("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist.lock", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0666) = 14 lstat64("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist.lock", {st_mode=S_IFREG|0600, st_size=11, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log", {st_mode=S_IFREG|0600, st_size=11924, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist", {st_mode=S_IFREG|0600, st_size=544, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log.2", {st_mode=S_IFREG|0600, st_size=32908, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log", {st_mode=S_IFREG|0600, st_size=11924, ...}) = 0 access("/var/spool/vhosts/anup.de/anmeyer/cur", W_OK) = 0 rename("/var/spool/vhosts/anup.de/anmeyer/tmp/1355597452.M328355P30049.delta", "/var/spool/vhosts/anup.de/anmeyer/new/1355597452.M328355P30049.delta,S=4,W=5") = 0 open("/var/spool/vhosts/anup.de/anmeyer/new", O_RDONLY|O_LARGEFILE) = 14 open("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist", O_RDWR|O_LARGEFILE) = 14 stat64("/var/spool/vhosts/anup.de/anmeyer/cur", {st_mode=S_IFDIR|0700, st_size=16384, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log", {st_mode=S_IFREG|0600, st_size=12016, ...}) = 0 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0 stat64("/var/spool/vhosts/anup.de/anmeyer/dovecot.index.log", {st_mode=S_IFREG|0600, st_size=12076, ...}) = 0 lstat64("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist.lock", {st_mode=S_IFREG|0600, st_size=11, ...}) = 0 unlink("/var/spool/vhosts/anup.de/anmeyer/dovecot-uidlist.lock") = 0 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2295, ...}) = 0
I can't see anyhing about auth-userdb. The mail was delivered to the maildir.
Andreas
At 4PM +0100 on 15/12/12 you (Andreas Meyer) wrote:
Yes. It doesn't listen on any sockets at all.
*Right*. Now we're getting somewhere: it looks like the problem is in your Postfix configuration.
Create a script something like this
#!/bin/sh
echo "--- FROM [$1] TO [$2]" >>/tmp/lda-log
/usr/bin/id >>/tmp/lda-log
/usr/bin/env >>/tmp/lda-log
exec /usr/libexec/dovecot/dovecot-lda -f "$1" -d "$2"(you may need to adjust the paths to id and env; the point is to avoid relying on $PATH) and change the master.cf entry to invoke
/path/to/script ${sender} ${recipient}instead of dovecot-lda. Then deliver some mail and see what, if anything, gets written to /tmp/lda-log.
Ben
Ben Morrow <ben@morrow.me.uk> wrote:
Done that, made the script executable, restarted postfix and sent two mails from the desktop. The stuck in the queue, no file lda-log in /tmp.
dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/etc/postfix/script.sh ${sender} ${recipient}
Ben
Andreas
Ben Morrow <ben@morrow.me.uk> wrote:
And finally I think I found the problem. There is a transportmap in postfix integrated that says:
anup.de virtual .anup.de virtual
I chanched this to
anup.de dovecot .anup.de dovecot
and mail gets delivered. Even when I comment that map, mail is delivered because of virtual_transport = dovecot. Mail never reached the service dovecot because of that transportmap.
You are so great! Thank you all for being so patient and for your help! Now I can go on.
Ben
Andreas
At 9PM +0100 on 15/12/12 Andreas Meyer wrote:
It doesn't matter how you do it, but you need to reject invalid users during the SMTP transaction rather than allowing the mail to bounce later. (This is really basic stuff: have you read through the Postfix documentation? It make this pretty clear.)
If you're using a passwd-file userdb in Dovecot, you need to write a script to convert it to a Postfix map, and make sure that script gets run whenever the source file is updated. (Makefiles are good for that sort of thing.) Alternatively, you could switch to keeping your userdb in an SQL or LDAP database, and have Postfix query it directly. If all else fails, you can arrange to pass the output of 'doveadm user "*"' to postmap, though depending on your Dovecot setup you may need to append a domain.
Ben
Ben Morrow <ben@morrow.me.uk> wrote:
Yes, this is clear to me and I also read through the dovecot-wiki a bit and especially LDA and LDA-Posfix. ;)
Thank you for your hints, Ben! I am glad I have that thing up and running at least. And I already converted the old vmailbox file that postfix used to a new one with the valid users so postfix knows them too.
Thinking about SQL or LDAP database is one of the next steps I am considering. We don't have that much users and taking care of them is not that much work.
Next thing is I want to implement Quota. We are running users with maildir and mboxes. And of course I want to realize sieve filtering soon or later.
I am glad I got this right now with your help. And learned much again.
Ben
Andreas
Andreas Meyer wrote:
I managed to su to vmail by giving it a shell.
su - vmail
For security reasons, you should rather not give a login shell to non-interactive users.
You can temporarily pass a shell to su:
su -s /bin/sh - vmail
Regards Daniel
At 5PM +0100 on 15/12/12 Daniel Parthey wrote:
[This is good advice.]
You can temporarily pass a shell to su:
su -s /bin/sh - vmail
That depends on your su. Mine won't do that. I believe your assumption that Andreas is on Linux, and therefore has a su that does do that, is correct, but I don't know. (I might assume that since I said earlier 'read your system's su(1)' that it doesn't; but then again I might not...)
Ben
Hello!
Ben Morrow <ben@morrow.me.uk> wrote:
At 5PM +0100 on 14/12/12 Andreas Meyer wrote:
id vmail
uid=5000(vmail) gid=5000(vmail) Gruppen=5000(vmail)
su vmail echo "foo" | /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
an empty email with 0 B gets delivered to the maildir of anmeyer@anup.de
echo "foo" | /usr/libexec/dovecot/dovecot-lda -f anmeyer@anup.de -d anmeyer@anup.de
email with foo in the body is delivered to the maildir.
delta:/var/spool/vhosts/anup.de/anmeyer/new # ll
insgesamt 4 -rw------- 1 vmail vmail 0 15. Dez 11:26 1355567160.M902698P23725.delta,S=0,W=0 -rw------- 1 vmail vmail 4 15. Dez 11:26 1355567171.M334599P23728.delta,S=4,W=5
I already added
service auth { unix_listener auth-userdb { mode = 0600 user = vmail # User running dovecot-lda group = vmail # Or alternatively mode 0660 + dovecot-lda user in this group } }
to the dovecot.conf. How does dovecot know there is a socket in /var/spool/postfix/private/dovecot? And how does dovecot-lda know to look there. Am I missunderstanding something?
If I send an email from the desktop I have in the mail.log Dec 15 11:35:25 delta postfix/virtual[23910]: E0BC61B3128A: to=<anmeyer@anup.de>, relay=virtual, delay=0.18, delays=0.09/0.01/0/0.09, dsn=4.1.1, status=SOFTBOUNCE (unknown user: "anmeyer@anup.de")
and the mail is stuck in the queue
mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- E0BC61B3128A 559 Sat Dec 15 11:35:24 anmeyer@anup.de (unknown user: "anmeyer@anup.de") anmeyer@anup.de
I am lost. I don't if the mail is handed over to dovecot-lda and if so why it can't find the passwd-file.
Ben
Andreas
participants (3)
-
Andreas Meyer
-
Ben Morrow
-
Daniel Parthey