LMTP rejecting aliased emails
Hi, I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
E0F617055DB 720 Sat Oct 26 14:50:24 clamav@mydomain.com
(host mail.mydomain.com[private/dovecot-lmtp] said: 451 4.3.0
<clamav@mydomain.com> Temporary internal error (in reply to end of
DATA command))
clamav@mydomain.com
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485):
Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt
clamav@mydomain.com: Failed to initialize user: Mail access for
users with UID 107 not permitted (see first_valid_uid in config
file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
Thanks,
Nick
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
sendmail -bv test@example.com test@example.com... deliverable: mailer esmtp, host example.com., user test@example.com
Something like this should show the alias.
On 26/10/2024 15:34, Marc via dovecot wrote:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are. I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
sendmail -bvtest@example.com test@example.com... deliverable: mailer esmtp, host example.com., usertest@example.com
Something like this should show the alias.
Weird.
root@mail-www:~# sendmail -bv nick@mydomain.com
Mail Delivery Status Report will be mailed to <root>.
root@mail-www:~# sendmail -bv clamav@mydomain.com
Mail Delivery Status Report will be mailed to <root>.
But my aliases are:
# See man 5 aliases for format
postmaster: root
clamav: nick
# Webmin: Redirect root to nick
root: nick
'newaliases' has been run and /etc/postfix/main.cf has the line:
alias_maps = hash:/etc/aliases
Marc via dovecot skrev den 2024-10-26 16:34:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_
Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_
first_valid_uid = 1000
root@mail-www:~# doveconf -n | grep last_valid_
root@mail-www:~#
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood.
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled.
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_
Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood.
in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled.
solve doveconf first :)
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Post aliases are implemented in the local delivery agent. To use lmtp, put your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot:
lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_
Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood.
in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled.
solve doveconf first :)
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
OK. I have tried setting:
virtual_alias_maps = $alias_maps
And in /etc/aliases I now have:
# See man 5 aliases for format
postmaster: root
clamav: root
# Webmin: Redirect root to nick
root: nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363):
Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt
root@mydomain.com: Failed to lookup user root@mydomain.com: Invalid
settings in userdb: userdb returned 0 as uid
2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]:
4426B7062BF: to=<root@mydomain.com>,
relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518,
delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host
mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0
<root@mydomain.com> Temporary internal error (in reply to RCPT TO
command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
On 26/10/2024 17:51, Noel J via dovecot wrote:
Post aliases are implemented in the local delivery agent. To use lmtp, put your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot:
lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are. I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
Marc via dovecot skrev den 2024-10-26 16:34: this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_ Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood. in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled. solve doveconf first :)
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
On Sat, Oct 26, 2024 at 12:16 PM Nick Howitt via dovecot < dovecot@dovecot.org> wrote:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
That’s not likely to work. The file format is different. No “:” in virtual_alias_maps
Also, it’s best if you use fully qualified addresses.
clamav@domain root@domain root@domain nick@domain
Use your domain of course.
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root: nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup user root@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid 2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
Post aliases are implemented in the local delivery agent. To use lmtp,
On 26/10/2024 17:51, Noel J via dovecot wrote: put
your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
> I am pretty new to Dovecot and totally new to LMTP. I have normal > delivery working but I am struggling with aliases. In my mail queue > I am > seeing things like: > > But in my /etc/aliases, I am aliasing clamav to nick and > nick@mydomain.com is a valid mail box that can receive normal mail. > > The corresponding line in the mail log is: > > 2024-10-26T14:55:56.385500+01:00 mail-www dovecot: > lmtp(1371485): > Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt > clamav@mydomain.com: Failed to initialize user: Mail access for > users with UID 107 not permitted (see first_valid_uid in config > file, uid from userdb lookup). > > How do I get round this issue? I can drop the minimum UID to 0, but > then > all system users are deemed valid for mail which is not true. None > of > them are. I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
Marc via dovecot skrev den 2024-10-26 16:34: this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_ Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood. in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled. solve doveconf first :)
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Mail already in the queue will need to be reprocessed with postsuper -r ALL
Or just delete it and test again.
On Sat, Oct 26, 2024 at 12:20 PM Noel J <noeldude@gmail.com> wrote:
On Sat, Oct 26, 2024 at 12:16 PM Nick Howitt via dovecot < dovecot@dovecot.org> wrote:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
That’s not likely to work. The file format is different. No “:” in virtual_alias_maps
Also, it’s best if you use fully qualified addresses.
clamav@domain root@domain root@domain nick@domain
Use your domain of course.
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root: nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup user root@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid 2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
Post aliases are implemented in the local delivery agent. To use lmtp,
On 26/10/2024 17:51, Noel J via dovecot wrote: put
your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34: >> I am pretty new to Dovecot and totally new to LMTP. I have normal >> delivery working but I am struggling with aliases. In my mail queue >> I am >> seeing things like: >> >> But in my /etc/aliases, I am aliasing clamav to nick and >> nick@mydomain.com is a valid mail box that can receive normal mail. >> >> The corresponding line in the mail log is: >> >> 2024-10-26T14:55:56.385500+01:00 mail-www dovecot: >> lmtp(1371485): >> Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt >> clamav@mydomain.com: Failed to initialize user: Mail access for >> users with UID 107 not permitted (see first_valid_uid in config >> file, uid from userdb lookup). >> >> How do I get round this issue? I can drop the minimum UID to 0, but >> then >> all system users are deemed valid for mail which is not true. None >> of >> them are. > I think it is more common to have your MTA postfix/sendmail do the > translation to aliases, so before you deliver it to lmtp. Maybe test > if your MTA is indeed sending the alias this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_ Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood. in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled. solve doveconf first :)
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
On Sat, Oct 26, 2024 at 12:35 PM Marc <Marc@f1-outsourcing.eu> wrote:
Mail already in the queue will need to be reprocessed with postsuper -r ALL
Or just delete it and test again.
his problem is low uid number
Right. Because dovecot is trying to deliver to the clamav user, because postfix didn’t expand the alias, because OP switched from local delivery to lmtp.
But feel free to keep working on the wrong problem.
Noel J via dovecot skrev den 2024-10-26 19:40:
On Sat, Oct 26, 2024 at 12:35 PM Marc <Marc@f1-outsourcing.eu> wrote:
Mail already in the queue will need to be reprocessed with postsuper -r ALL
Or just delete it and test again.
his problem is low uid number
Right. Because dovecot is trying to deliver to the clamav user,
dovecot did not make fails here, mta did that fail
because postfix didn’t expand the alias, because OP switched from local delivery to lmtp.
show logs
But feel free to keep working on the wrong problem.
what a weekend ? :=)
That processed the queue and it has all come through. I was trying "postfix flush" and "postqueue -f", neither of which worked.
It seems like setting virtual_alias_maps wat the fix.
I'll keep an eye on it in case it recurs, but I have to wait for system emails.
Thanks,
NIck
On 26/10/2024 18:23, Noel J via dovecot wrote:
Mail already in the queue will need to be reprocessed with postsuper -r ALL
Or just delete it and test again.
On Sat, Oct 26, 2024 at 12:20 PM Noel J<noeldude@gmail.com> wrote:
On Sat, Oct 26, 2024 at 12:16 PM Nick Howitt via dovecot < dovecot@dovecot.org> wrote:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
That’s not likely to work. The file format is different. No “:” in virtual_alias_maps
Also, it’s best if you use fully qualified addresses.
clamav@domain root@domain root@domain nick@domain
Use your domain of course.
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root:nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup userroot@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid 2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
Post aliases are implemented in the local delivery agent. To use lmtp,
On 26/10/2024 17:51, Noel J via dovecot wrote: put
your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote: > Marc via dovecot skrev den 2024-10-26 16:34: >>> I am pretty new to Dovecot and totally new to LMTP. I have normal >>> delivery working but I am struggling with aliases. In my mail queue >>> I am >>> seeing things like: >>> >>> But in my /etc/aliases, I am aliasing clamav to nick and >>> nick@mydomain.com is a valid mail box that can receive normal mail. >>> The corresponding line in the mail log is: >>> >>> 2024-10-26T14:55:56.385500+01:00 mail-www dovecot: >>> lmtp(1371485): >>> Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt >>> clamav@mydomain.com: Failed to initialize user: Mail access for >>> users with UID 107 not permitted (see first_valid_uid in config >>> file, uid from userdb lookup). >>> >>> How do I get round this issue? I can drop the minimum UID to 0, but >>> then >>> all system users are deemed valid for mail which is not true. None >>> of >>> them are. >> I think it is more common to have your MTA postfix/sendmail do the >> translation to aliases, so before you deliver it to lmtp. Maybe test >> if your MTA is indeed sending the alias > this log snipped above is not mta issues at all > > i will take the possible problem later when dovecot does not say > first_ Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood. in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled. solve doveconf first :)
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
Nick Howitt via dovecot skrev den 2024-10-26 19:47:
That processed the queue and it has all come through. I was trying "postfix flush" and "postqueue -f", neither of which worked.
It seems like setting virtual_alias_maps wat the fix.
I'll keep an eye on it in case it recurs, but I have to wait for system emails.
so its possible to see doveconf -n now ?
On 26/10/2024 19:13, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 19:47:
That processed the queue and it has all come through. I was trying "postfix flush" and "postqueue -f", neither of which worked.
It seems like setting virtual_alias_maps wat the fix.
I'll keep an eye on it in case it recurs, but I have to wait for system emails.
so its possible to see doveconf -n now ?
No adjustments have been made to it since the thread began:
root@mail-www:~# dovecot -n
# 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: Linux 6.1.0-26-amd64 x86_64 Debian 12.7
# Hostname: mail-www.example.com
auth_mechanisms = plain login
auth_username_format = %Ln
disable_plaintext_auth = no
first_valid_uid = 1000
mail_location = maildir:~/.Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap lmtp sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
driver = passwd
}
protocol lmtp {
mail_plugins = " sieve"
postmaster_address = nick@example.com
}
protocol lda {
mail_plugins = " sieve"
}
On 26/10/2024 18:20, Noel J via dovecot wrote:
On Sat, Oct 26, 2024 at 12:16 PM Nick Howitt via dovecot < dovecot@dovecot.org> wrote:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
That’s not likely to work. The file format is different. No “:” in virtual_alias_maps
Also, it’s best if you use fully qualified addresses.
clamav@domain root@domain root@domain nick@domain
Use your domain of course. I tested it with two more entries I concealed:
rmsh: rachel
clearos: nick@mydomain.com
and both worked.
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root:nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup userroot@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid 2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
Post aliases are implemented in the local delivery agent. To use lmtp,
On 26/10/2024 17:51, Noel J via dovecot wrote: put
your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
On Sat, Oct 26, 2024 at 11:47 AM Benny Pedersen via dovecot < dovecot@dovecot.org> wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34: >> I am pretty new to Dovecot and totally new to LMTP. I have normal >> delivery working but I am struggling with aliases. In my mail queue >> I am >> seeing things like: >> >> But in my /etc/aliases, I am aliasing clamav to nick and >> nick@mydomain.com is a valid mail box that can receive normal mail. >> >> The corresponding line in the mail log is: >> >> 2024-10-26T14:55:56.385500+01:00 mail-www dovecot: >> lmtp(1371485): >> Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt >> clamav@mydomain.com: Failed to initialize user: Mail access for >> users with UID 107 not permitted (see first_valid_uid in config >> file, uid from userdb lookup). >> >> How do I get round this issue? I can drop the minimum UID to 0, but >> then >> all system users are deemed valid for mail which is not true. None >> of >> them are. > I think it is more common to have your MTA postfix/sendmail do the > translation to aliases, so before you deliver it to lmtp. Maybe test > if your MTA is indeed sending the alias this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_ Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ?
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood. in that case its ok to have 1000 as first_
do you change uid gid in userdb ?
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled. solve doveconf first :)
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an emailtodovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
Nick Howitt via dovecot skrev den 2024-10-26 19:27:
I tested it with two more entries I concealed:
rmsh: rachel clearos: nick@mydomain.com
and both worked.
i need proff from logs, both dovecot and postfix that it works
use btw example.com not mydomain.com if you need to obfuscate it
On 26/10/2024 18:43, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 19:27:
I tested it with two more entries I concealed:
rmsh: rachel clearos: nick@mydomain.com
and both worked.
i need proff from logs, both dovecot and postfix that it works
use btw example.com not mydomain.com if you need to obfuscate it
16 mails cleared together, but I've had to snip the bottom as the message is too large for the list:
2024-10-26T18:40:47.323223+01:00 mail-www postfix/pickup[1403959]:
4EABE7061CB: uid=102 from=<> orig_id=89F127062A7
2024-10-26T18:40:47.336544+01:00 mail-www postfix/cleanup[1410024]:
4EABE7061CB: message-id=<20241026144850.89F127062A7@mail.example.com>
2024-10-26T18:40:47.339593+01:00 mail-www postfix/qmgr[1403957]:
4EABE7061CB: from=<>, size=2195, nrcpt=1 (queue active)
2024-10-26T18:40:47.339877+01:00 mail-www postfix/pickup[1403959]:
52CCB7062A7: uid=102 from=<> orig_id=38ED170614B
2024-10-26T18:40:47.340638+01:00 mail-www postfix/cleanup[1410024]:
52CCB7062A7: message-id=<20241026150434.38ED170614B@mail.example.com>
2024-10-26T18:40:47.345061+01:00 mail-www postfix/qmgr[1403957]:
52CCB7062A7: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.345282+01:00 mail-www postfix/pickup[1403959]:
5424A70614B: uid=102 from=<test@example.com> orig_id=40EDB70621B
2024-10-26T18:40:47.345662+01:00 mail-www postfix/cleanup[1410024]:
5424A70614B: message-id=<20241026155653.40EDB70621B@mail.example.com>
2024-10-26T18:40:47.348637+01:00 mail-www postfix/qmgr[1403957]:
5424A70614B: from=<test@example.com>, size=1313, nrcpt=1 (queue active)
2024-10-26T18:40:47.348874+01:00 mail-www postfix/pickup[1403959]:
5518570621B: uid=102 from=<> orig_id=A66E97061CF
2024-10-26T18:40:47.350161+01:00 mail-www postfix/cleanup[1410024]:
5518570621B: message-id=<20241026155343.A66E97061CF@mail.example.com>
2024-10-26T18:40:47.353029+01:00 mail-www postfix/qmgr[1403957]:
5518570621B: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.353528+01:00 mail-www postfix/pickup[1403959]:
563A97061CF: uid=102 from=<> orig_id=D81F57061D6
2024-10-26T18:40:47.355074+01:00 mail-www postfix/cleanup[1410024]:
563A97061CF: message-id=<20241026155458.D81F57061D6@mail.example.com>
2024-10-26T18:40:47.357747+01:00 mail-www postfix/qmgr[1403957]:
563A97061CF: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.358234+01:00 mail-www postfix/pickup[1403959]:
5761D7061D6: uid=102 from=<> orig_id=7C998706162
2024-10-26T18:40:47.360187+01:00 mail-www postfix/cleanup[1410027]:
5761D7061D6: message-id=<20241026150945.7C998706162@mail.example.com>
2024-10-26T18:40:47.362213+01:00 mail-www postfix/qmgr[1403957]:
5761D7061D6: from=<>, size=2195, nrcpt=1 (queue active)
2024-10-26T18:40:47.362840+01:00 mail-www postfix/pickup[1403959]:
5882A706162: uid=102 from=<> orig_id=4426B7062BF
2024-10-26T18:40:47.363939+01:00 mail-www postfix/cleanup[1410024]:
5882A706162: message-id=<20241026145843.4426B7062BF@mail.example.com>
2024-10-26T18:40:47.367099+01:00 mail-www postfix/qmgr[1403957]:
5882A706162: from=<>, size=2228, nrcpt=1 (queue active)
2024-10-26T18:40:47.367412+01:00 mail-www postfix/pickup[1403959]:
59A0F7062BF: uid=102 from=<> orig_id=15B9F7062CE
2024-10-26T18:40:47.368691+01:00 mail-www postfix/cleanup[1410027]:
59A0F7062BF: message-id=<20241026150411.15B9F7062CE@mail.example.com>
2024-10-26T18:40:47.372150+01:00 mail-www postfix/qmgr[1403957]:
59A0F7062BF: from=<>, size=2195, nrcpt=1 (queue active)
2024-10-26T18:40:47.372509+01:00 mail-www postfix/pickup[1403959]:
5AB737062CE: uid=102 from=<n1ck.h0w1tt@gmail.com> orig_id=DA2D5706222
2024-10-26T18:40:47.373529+01:00 mail-www postfix/cleanup[1410024]:
5AB737062CE:
message-id=<CAKovnV3Ew4XUSOWHDsfEpPXVr+5WLqoGbndKPJO6NbgOK-rmeA@mail.gmail.com>
2024-10-26T18:40:47.376803+01:00 mail-www postfix/qmgr[1403957]:
5AB737062CE: from=<n1ck.h0w1tt@gmail.com>, size=4589, nrcpt=1 (queue
active)
2024-10-26T18:40:47.377192+01:00 mail-www postfix/pickup[1403959]:
5C03F706222: uid=102 from=<> orig_id=96B897062A2
2024-10-26T18:40:47.378864+01:00 mail-www postfix/cleanup[1410027]:
5C03F706222: message-id=<20241026144832.96B897062A2@mail.example.com>
2024-10-26T18:40:47.381625+01:00 mail-www postfix/qmgr[1403957]:
5C03F706222: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.382153+01:00 mail-www postfix/pickup[1403959]:
5D34F7062A2: uid=102 from=<clamav@example.com> orig_id=E0F617055DB
2024-10-26T18:40:47.383616+01:00 mail-www postfix/cleanup[1410024]:
5D34F7062A2: message-id=<20241026135024.E0F617055DB@mail.example.com>
2024-10-26T18:40:47.386534+01:00 mail-www postfix/qmgr[1403957]:
5D34F7062A2: from=<clamav@example.com>, size=836, nrcpt=1 (queue active)
2024-10-26T18:40:47.387150+01:00 mail-www postfix/pickup[1403959]:
5E7007055DB: uid=102 from=<> orig_id=347FF706291
2024-10-26T18:40:47.389035+01:00 mail-www postfix/cleanup[1410027]:
5E7007055DB: message-id=<20241026144301.347FF706291@mail.example.com>
2024-10-26T18:40:47.391762+01:00 mail-www postfix/qmgr[1403957]:
5E7007055DB: from=<>, size=2195, nrcpt=1 (queue active)
2024-10-26T18:40:47.393079+01:00 mail-www postfix/pickup[1403959]:
5FE09706291: uid=102 from=<> orig_id=02D7E7062D2
2024-10-26T18:40:47.393625+01:00 mail-www dovecot: lmtp(1410029):
Connect from local
2024-10-26T18:40:47.394467+01:00 mail-www postfix/cleanup[1410024]:
5FE09706291: message-id=<20241026150407.02D7E7062D2@mail.example.com>
2024-10-26T18:40:47.397404+01:00 mail-www postfix/qmgr[1403957]:
5FE09706291: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.398298+01:00 mail-www postfix/pickup[1403959]:
6128F7062D2: uid=102 from=<> orig_id=50540706294
2024-10-26T18:40:47.400552+01:00 mail-www postfix/cleanup[1410027]:
6128F7062D2: message-id=<20241026144316.50540706294@mail.example.com>
2024-10-26T18:40:47.403528+01:00 mail-www postfix/qmgr[1403957]:
6128F7062D2: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.403729+01:00 mail-www postfix/pickup[1403959]:
6274A706294: uid=102 from=<> orig_id=4DB3870615F
2024-10-26T18:40:47.405215+01:00 mail-www postfix/cleanup[1410024]:
6274A706294: message-id=<20241026150933.4DB3870615F@mail.example.com>
2024-10-26T18:40:47.408334+01:00 mail-www postfix/qmgr[1403957]:
6274A706294: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.409004+01:00 mail-www postfix/pickup[1403959]:
63C6670615F: uid=102 from=<> orig_id=7A8AB7062A4
2024-10-26T18:40:47.410892+01:00 mail-www postfix/cleanup[1410027]:
63C6670615F: message-id=<20241026144842.7A8AB7062A4@mail.example.com>
2024-10-26T18:40:47.413884+01:00 mail-www postfix/qmgr[1403957]:
63C6670615F: from=<>, size=2203, nrcpt=1 (queue active)
2024-10-26T18:40:47.414254+01:00 mail-www dovecot: lmtp(1410031):
Connect from local
2024-10-26T18:40:47.418705+01:00 mail-www dovecot:
lmtp(nick)<1410029><bM5jF58pHWftgxUAXBDGSw>: sieve:
msgid=<20241026144850.89F127062A7@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.419713+01:00 mail-www postfix/lmtp[1410026]:
4EABE7061CB: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=10317,
delays=10317/0.02/0.03/0.02, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> bM5jF58pHWftgxUAXBDGSw Saved)
2024-10-26T18:40:47.419900+01:00 mail-www postfix/qmgr[1403957]:
4EABE7061CB: removed
2024-10-26T18:40:47.420291+01:00 mail-www dovecot: lmtp(1410029):
Disconnect from local: Logged out (state=READY)
2024-10-26T18:40:47.421146+01:00 mail-www dovecot: lmtp(1410029):
Connect from local
2024-10-26T18:40:47.436975+01:00 mail-www dovecot:
lmtp(nick)<1410029><cIwSGZ8pHWftgxUAXBDGSw>: sieve:
msgid=<20241026155653.40EDB70621B@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.437133+01:00 mail-www dovecot: lmtp(1410029):
Disconnect from local: Logged out (state=READY)
2024-10-26T18:40:47.437513+01:00 mail-www dovecot: lmtp(1410029):
Connect from local
2024-10-26T18:40:47.441165+01:00 mail-www postfix/lmtp[1410030]:
5424A70614B: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=6234,
delays=6234/0.06/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> cIwSGZ8pHWftgxUAXBDGSw Saved)
2024-10-26T18:40:47.441391+01:00 mail-www postfix/qmgr[1403957]:
5424A70614B: removed
2024-10-26T18:40:47.444437+01:00 mail-www dovecot:
lmtp(nick)<1410031><8YOpGJ8pHWfvgxUAXBDGSw>: sieve:
msgid=<20241026150434.38ED170614B@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.445471+01:00 mail-www postfix/lmtp[1410028]:
52CCB7062A7: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=9373,
delays=9373/0.04/0.03/0.03, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> 8YOpGJ8pHWfvgxUAXBDGSw Saved)
2024-10-26T18:40:47.446132+01:00 mail-www postfix/qmgr[1403957]:
52CCB7062A7: removed
2024-10-26T18:40:47.446605+01:00 mail-www dovecot: lmtp(1410031):
Disconnect from local: Logged out (state=READY)
2024-10-26T18:40:47.447546+01:00 mail-www dovecot: lmtp(1410031):
Connect from local
2024-10-26T18:40:47.452494+01:00 mail-www dovecot: lmtp(1410033):
Connect from local
2024-10-26T18:40:47.464577+01:00 mail-www postfix/lmtp[1410026]:
5518570621B: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=6424,
delays=6424/0.07/0.02/0.02, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> cJgKGp8pHWftgxUAXBDGSw Saved)
2024-10-26T18:40:47.464744+01:00 mail-www postfix/qmgr[1403957]:
5518570621B: removed
2024-10-26T18:40:47.464828+01:00 mail-www dovecot:
lmtp(nick)<1410029><cJgKGp8pHWftgxUAXBDGSw>: sieve:
msgid=<20241026155343.A66E97061CF@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.467421+01:00 mail-www dovecot:
lmtp(nick)<1410031><OBGmGp8pHWfvgxUAXBDGSw>: sieve:
msgid=<20241026155458.D81F57061D6@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.468360+01:00 mail-www postfix/lmtp[1410032]:
563A97061CF: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=6349,
delays=6348/0.07/0.02/0.02, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> OBGmGp8pHWfvgxUAXBDGSw Saved)
2024-10-26T18:40:47.469057+01:00 mail-www postfix/qmgr[1403957]:
563A97061CF: removed
2024-10-26T18:40:47.474894+01:00 mail-www dovecot:
lmtp(nick)<1410033><3/ryGp8pHWfxgxUAXBDGSw>: sieve:
msgid=<20241026150945.7C998706162@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.475819+01:00 mail-www postfix/lmtp[1410030]:
5761D7061D6: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], delay=9062,
delays=9062/0.08/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0
<nick@example.com> 3/ryGp8pHWfxgxUAXBDGSw Saved)
2024-10-26T18:40:47.476551+01:00 mail-www postfix/qmgr[1403957]:
5761D7061D6: removed
2024-10-26T18:40:47.484252+01:00 mail-www dovecot: lmtp(1410036):
Connect from local
2024-10-26T18:40:47.490585+01:00 mail-www dovecot:
lmtp(nick)<1410031><OBGmGp8pHWfvgxUAXBDGSw:T2>: sieve:
msgid=<20241026144832.96B897062A2@mail.example.com>: stored mail
into mailbox 'INBOX'
2024-10-26T18:40:47.491132+01:00 mail-www postfix/lmtp[1410032]:
5C03F706222: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], conn_use=2,
delay=10335, delays=10335/0.09/0/0.02, dsn=2.0.0, status=sent (250
2.0.0 <nick@example.com> OBGmGp8pHWfvgxUAXBDGSw:T2 Saved)
2024-10-26T18:40:47.491732+01:00 mail-www postfix/qmgr[1403957]:
5C03F706222: removed
2024-10-26T18:40:47.494410+01:00 mail-www dovecot:
lmtp(nick)<1410029><cJgKGp8pHWftgxUAXBDGSw:T2>: sieve:
msgid=<CAKovnV3Ew4XUSOWHDsfEpPXVr+5WLqoGbndKPJO6NbgOK-rmeA@mail.gmail.com>:
stored mail into mailbox 'INBOX'
2024-10-26T18:40:47.495570+01:00 mail-www postfix/lmtp[1410026]:
5AB737062CE: to=<nick@example.com>, orig_to=<root@example.com>,
relay=mail.example.com[private/dovecot-lmtp], conn_use=2,
delay=5602, delays=5601/0.09/0/0.03, dsn=2.0.0, status=sent (250
2.0.0 <nick@example.com> cJgKGp8pHWftgxUAXBDGSw:T2 Saved)
Nick Howitt via dovecot skrev den 2024-10-26 19:11:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root: nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup user root@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid
so you did the mistake here again with uid 0 :/
2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
output from mailq ?
delete this mail with postsuper -d mailq-id
try again
On 26/10/2024 18:36, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 19:11:
OK. I have tried setting:
virtual_alias_maps = $alias_maps
And in /etc/aliases I now have:
# See man 5 aliases for format postmaster: root clamav: root # Webmin: Redirect root to nick root: nick@mydomain.com
And the mail queue won't clear:
2024-10-26T18:04:00.890009+01:00 mail-www dovecot: lmtp(1404363): Error: lmtp-server: conn unix:pid=1404358,uid=102 [1]: rcpt root@mydomain.com: Failed to lookup user root@mydomain.com: Invalid settings in userdb: userdb returned 0 as uid
so you did the mistake here again with uid 0 :/
2024-10-26T18:04:00.892965+01:00 mail-www postfix/lmtp[1404358]: 4426B7062BF: to=<root@mydomain.com>, relay=mail.howitts.co.uk[private/dovecot-lmtp], delay=7518, delays=7517/0.11/0.07/0, dsn=4.3.0, status=deferred (host mail.howitts.co.uk[private/dovecot-lmtp] said: 451 4.3.0 <root@mydomain.com> Temporary internal error (in reply to RCPT TO command))
Am I too late for the destination address to get rewritten, so should I just purge the mailq and get some new test messages?
output from mailq ?
delete this mail with postsuper -d mailq-id
try again
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org I don't think UID of 0 is a mistake at all? The message was going to root, UID=0, and was not successfully being rewritten so LMTP got the hump. Now it is being rewritten by virtual_alias_maps, the issue has gone away and mail delivery seems to be successful.
Nick Howitt via dovecot skrev den 2024-10-26 19:55:
I don't think UID of 0 is a mistake at all? The message was going to root, UID=0, and was not successfully being rewritten so LMTP got the hump. Now it is being rewritten by virtual_alias_maps, the issue has gone away and mail delivery seems to be successful.
if uid 0 is not a problem then you could run whole dovecot server as root, dont blame it have no security then
simply remove all users and keep only root system user left, it works :)
its maybe too late to learn ?
remove webmin, first step on make it better
On 26/10/2024 19:17, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 19:55:
I don't think UID of 0 is a mistake at all? The message was going to root, UID=0, and was not successfully being rewritten so LMTP got the hump. Now it is being rewritten by virtual_alias_maps, the issue has gone away and mail delivery seems to be successful.
if uid 0 is not a problem then you could run whole dovecot server as root, dont blame it have no security then
simply remove all users and keep only root system user left, it works :)
Then how do you have proper users?
its maybe too late to learn ?
Sorry, please explain what I need to learn.
remove webmin, first step on make it better
Sorry, but I don't understand the issue. To me it looks like LMTP was complaining it was trying to send an email to root (UID=0) and was blocking it. Now root is successfully aliased to nick (UID=1000), LMTP delivers the message. The UID=0 was a symptom of a misconfiguration of postfix.
Noel J skrev den 2024-10-26 18:51:
Post aliases are implemented in the local delivery agent. To use lmtp, put your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
then try this:
sendmail -f root -bv root
what did postfix do here ?
On 26/10/2024 19:36, Benny Pedersen via dovecot wrote:
Noel J skrev den 2024-10-26 18:51:
Post aliases are implemented in the local delivery agent. To use lmtp, put your aliases in virtual_alias_maps
Postfix does not expand aliases with sendmail -bv, just reports if the address will be accepted.
then try this:
sendmail -f root -bv root
what did postfix do here ?
root@mail-www:~# sendmail -f root -bv root Mail Delivery Status Report will be mailed to <root>.
On 26/10/2024 17:43, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:36:
On 26/10/2024 17:22, Benny Pedersen via dovecot wrote:
Marc via dovecot skrev den 2024-10-26 16:34:
I am pretty new to Dovecot and totally new to LMTP. I have normal delivery working but I am struggling with aliases. In my mail queue I am seeing things like:
But in my /etc/aliases, I am aliasing clamav to nick and nick@mydomain.com is a valid mail box that can receive normal mail.
The corresponding line in the mail log is:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
I think it is more common to have your MTA postfix/sendmail do the translation to aliases, so before you deliver it to lmtp. Maybe test if your MTA is indeed sending the alias
this log snipped above is not mta issues at all
i will take the possible problem later when dovecot does not say first_
Hi, I get:
root@mail-www:~# doveconf -n | grep first_valid_ first_valid_uid = 1000
set it to 100 then, not 1000
107 is lower then 1000, no ?
root@mail-www:~# doveconf -n | grep last_valid_ root@mail-www:~#
why is last not set ? Because webmin didn't set it? Looking at the docs:
last_valid_uid
Default: 0
Values: Unsigned integer
This setting and first_valid_uid specify the valid UID range
for users.
0 means there is no explicit last UID.
So I would assume it is running at default? It is commented out in /etc/dovecot/conf.d/10-mail.conf.
Is this not valid? My first proper user is user 1000. All users below that are system users and should never receive emails as themselves and need to be aliased to a proper user. Or have I misunderstood.
in that case its ok to have 1000 as first_
OK
do you change uid gid in userdb ?
No. It is a fresh install of Debian 12 and the installation routine put the first user (me) at 1000 - not even webmin.
TBH, I would have thought postfix may have rewritten the RCPT TO before it sent on to LMTP but that is said without knowledge.
At the same time I have received in my proper mailbox an email from root to clamav so I am massively puzzled.
solve doveconf first :)
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Nick Howitt via dovecot skrev den 2024-10-26 18:57:
Because webmin didn't set it? Looking at the docs:
last_valid_uid Default: 0 Values: Unsigned integer This setting and first_valid_uid specify the valid UID range
for users.
0 means there is no explicit last UID.
stupid, id 0 gives root, no one needs root for dovecot
please make better defaults, stop using nice webtools to screw up security
i will have my weekend now, but i asked on irc, why dovecot is to blame on security now
Benny, go take your meds
On 27/10/2024 03:32, Benny Pedersen via dovecot wrote:
Nick Howitt via dovecot skrev den 2024-10-26 18:57:
Because webmin didn't set it? Looking at the docs:
last_valid_uid
Default: 0
Values: Unsigned integer
This setting and first_valid_uid specify the valid UID range for users.
0 means there is no explicit last UID.
stupid, id 0 gives root, no one needs root for dovecot
please make better defaults, stop using nice webtools to screw up security
i will have my weekend now, but i asked on irc, why dovecot is to blame on security now
-- Regards, Noel Butler
Nick Howitt via dovecot skrev den 2024-10-26 16:25:
2024-10-26T14:55:56.385500+01:00 mail-www dovecot: lmtp(1371485): Error: lmtp-server: conn unix:pid=1371484,uid=102 [1]: rcpt clamav@mydomain.com: Failed to initialize user: Mail access for users with UID 107 not permitted (see first_valid_uid in config file, uid from userdb lookup).
How do I get round this issue? I can drop the minimum UID to 0, but then all system users are deemed valid for mail which is not true. None of them are.
doveconf -n | grep first_valid_ doveconf -n | grep last_valid_
i bet 107 is outside of this range from first to last :=)
do not make it 0 !!!!
good range goes from 1 to 1023, eg no high uid gid
check
id 107
what system user is this ?
is this same user as mail_privileged_group = id 107 here
i can help more if you did provide doveconf -n
participants (5)
-
Benny Pedersen
-
Marc
-
Nick Howitt
-
Noel Butler
-
Noel J