[Dovecot] Using deliver from Getmail?
Hello list,
a quick question: can I use Dovecot's LDA "deliver" as a destination in Getmail? I.e.:
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver arguments = ("-d", "username",)
Or is deliver not supposed to be called this way?
What I'd like to do is use deliver in the same way I would have used procmail ages ago. Getmail retrieves the mail messages, filters them according to the filter sections set up and then puts them in the final destination as noted above.
Of course I would like to have deliver honour my .dovecot.sieve sieve script. My first tries have not been very successful, all messages retrieved in this way are put in the top level INBOX, not being sieved.
I also got this error message, but I am not sure how it is related:
Jan 14 16:08:04 localhost deliver(username): net_connect(/usr/local/var/run/dovecot/auth-master) failed: Permission denied
Does my user need any special permissions to use the LDA?
TIA!
Andreas
P.S.: Using Dovecot 1.0.5 with the Sieve plugin. I can post the output of dovecot -n but I don't think it's necessary?
Andreas "daff" Ntaflos Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
Andreas Ntaflos wrote: | Hello list, | | a quick question: can I use Dovecot's LDA "deliver" as a destination in | Getmail? I.e.: | | [destination] | type = MDA_external | path = /usr/local/libexec/dovecot/deliver | arguments = ("-d", "username",) | | Or is deliver not supposed to be called this way? | | What I'd like to do is use deliver in the same way I would have used procmail | ages ago. Getmail retrieves the mail messages, filters them according to the | filter sections set up and then puts them in the final destination as noted | above. | | Of course I would like to have deliver honour my .dovecot.sieve sieve script. | My first tries have not been very successful, all messages retrieved in this | way are put in the top level INBOX, not being sieved. | | I also got this error message, but I am not sure how it is related: | | Jan 14 16:08:04 localhost deliver(username): | net_connect(/usr/local/var/run/dovecot/auth-master) failed: Permission denied | | Does my user need any special permissions to use the LDA? | | TIA! | | Andreas | | P.S.: Using Dovecot 1.0.5 with the Sieve plugin. I can post the output of | dovecot -n but I don't think it's necessary?
Evaggelos Balaskas - http://ebalaskas.gr Unix System Engineer Informatics Engineer Technological Education -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHi6AvWIK+Pe9twhoRAsoFAJ9g8FyNUEQyxE00SMRga/wHxNwQLwCdEvTn ru64SFXvl1LwXuRUV4c/rr4= =JtkT -----END PGP SIGNATURE-----
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
Thank you for your reply!
I can't seem to be too far off with my configuration, but it's just not working yet. Your user "ebal" is part of the group "mail", I gather?
After adding my user to the mail group and modifying my rc-file such that it looks identical to yours (apart from the usernames of course) I still get the following errors:
Delivery error (command deliver 29175 error (127, exec of command deliver failed (change UID/GID to 1000/8 failed ([Errno 1] Operation not permitted))))
UID 1000 is of course my user. Upon removing the line "group = mail" from the rc-file I get:
Delivery error (command deliver 29696 error (75, ))
Do you know what to make of this?
Thanks again,
Andreas
Andreas "daff" Ntaflos Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
On Monday 14 January 2008 19:10:10 Andreas Ntaflos wrote:
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
Follow-up: How did you configure Dovecot's authentication facilities and which permissions are set for the deliver binary?
I think that is the problem I am having. I do not want to mess too much with the default permissions but since you have it running fine maybe you could share some insight?
Thanks in advance!
Andreas
Andreas "daff" Ntaflos Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I have all my users (and the user running getmail) to mail group, so the folder is writable my mail group and also dovecot belongs to mail group. So i add the group = mail to getmailrc and everything works
Andreas Ntaflos wrote:
On Monday 14 January 2008 19:10:10 Andreas Ntaflos wrote:
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
Follow-up: How did you configure Dovecot's authentication facilities and which permissions are set for the deliver binary?
I think that is the problem I am having. I do not want to mess too much with the default permissions but since you have it running fine maybe you could share some insight?
Thanks in advance!
Andreas
Evaggelos Balaskas - http://ebalaskas.gr Unix System Engineer Informatics Engineer Technological Education -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHjHHYWIK+Pe9twhoRAjRyAJ0cxPbwhCiSBc3z+Hrl5KtPbRShPwCfQ87Z bk4nIqAYh6PLgFTeGqgQ5xI= =WlQV -----END PGP SIGNATURE-----
Andreas Ntaflos wrote:
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
Thank you for your reply!
I can't seem to be too far off with my configuration, but it's just not working yet. Your user "ebal" is part of the group "mail", I gather?
I don't think this matters. he runs deliver as the user who owns the mailbox (see -d argument).
After adding my user to the mail group and modifying my rc-file such that it looks identical to yours (apart from the usernames of course) I still get the following errors:
Delivery error (command deliver 29175 error (127, exec of command deliver failed (change UID/GID to 1000/8 failed ([Errno 1] Operation not permitted))))
UID 1000 is of course my user. Upon removing the line "group = mail" from the rc-file I get:
Delivery error (command deliver 29696 error (75, ))
Do you know what to make of this?
Thanks again,
Andreas
On Monday 14 January 2008 22:15:48 mouss wrote:
Andreas Ntaflos wrote:
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts.
I can't seem to be too far off with my configuration, but it's just not working yet. Your user "ebal" is part of the group "mail", I gather?
I don't think this matters. he runs deliver as the user who owns the mailbox (see -d argument).
Does that mean that one, and only one, user may be running deliver manually (or from Getmail) to get his mail? This would make it quite impossible for a server with multiple real system users to use Getmail and deliver mail via Dovecot's LDA, wouldn't it?
Or am I not seeing the obvious solution to this problem?
Andreas
Andreas "daff" Ntaflos Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
Andreas Ntaflos wrote:
On Monday 14 January 2008 22:15:48 mouss wrote:
Andreas Ntaflos wrote:
On Monday 14 January 2008 18:47:27 Evaggelos Balaskas wrote:
This is part of my getmailrc
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver user = ebal group = mail arguments = ( '-d', 'ebal' )
i use getmail + dovecot + sieve + spamassassin [filter getmail] at all of my accounts. I can't seem to be too far off with my configuration, but it's just not working yet. Your user "ebal" is part of the group "mail", I gather? I don't think this matters. he runs deliver as the user who owns the mailbox (see -d argument).
Does that mean that one, and only one, user may be running deliver manually (or from Getmail) to get his mail? This would make it quite impossible for a server with multiple real system users to use Getmail and deliver mail via Dovecot's LDA, wouldn't it?
it does not mean that. some people use a single uid:gid for their mailstore. thus a single user is used to deliver all mail.
Others use different uid:gid for mailboxes. If this is your case, then some work is needed. one possibility is suid. check the wiki.
Or am I not seeing the obvious solution to this problem?
Andreas Ntaflos wrote:
Hello list,
a quick question: can I use Dovecot's LDA "deliver" as a destination in Getmail? I.e.:
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver arguments = ("-d", "username",)
Or is deliver not supposed to be called this way?
What I'd like to do is use deliver in the same way I would have used procmail ages ago. Getmail retrieves the mail messages, filters them according to the filter sections set up and then puts them in the final destination as noted above.
Of course I would like to have deliver honour my .dovecot.sieve sieve script. My first tries have not been very successful, all messages retrieved in this way are put in the top level INBOX, not being sieved.
I also got this error message, but I am not sure how it is related:
Jan 14 16:08:04 localhost deliver(username): net_connect(/usr/local/var/run/dovecot/auth-master) failed: Permission denied
Does my user need any special permissions to use the LDA?
it needs access to the auth-master socket. you can specify the ownership/permissions of this in dovecot.conf.
TIA!
Andreas
P.S.: Using Dovecot 1.0.5 with the Sieve plugin. I can post the output of dovecot -n but I don't think it's necessary?
On Monday 14 January 2008 16:23:03 Andreas Ntaflos wrote:
Hello list,
a quick question: can I use Dovecot's LDA "deliver" as a destination in Getmail? I.e.:
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver arguments = ("-d", "username",)
Hello list,
as a followup, (with an additional question which I probably should post as a separate message) I think I have found the solution.
But to clarify: I am /not/ using a virtual user/virtual domain setup, all users have shell accounts and home directories. The server only hosts two domains (set in $mydestination in Postfix) and I use Dovecot with a simple "userdb passwd" setup, as seen in dovecot -n at the end.
Postfix uses Dovecot's LDA deliver to deliver incoming messages for the two hosted domains, as described in [1], via
mailbox_command = /usr/local/libexec/dovecot/deliver
This seems to be the same as unsetting mailbox_command and instead creating a ~/.forward file in each home directory, with the contents
| "/usr/local/libexec/dovecot/deliver"
so deliver gets called by the user itself (thus no permission problems). Either method seems to work, producing the same results.
To have Getmail use Dovecot's deliver I simply had to set the [destination] section in the rc-file to:
[destination] type = MDA_external path = /usr/local/libexec/dovecot/deliver
which seems to do the trick. No arguments required. Mail fetched by Getmail gets handed to deliver which then puts it in the users inbox. I just had to rewrite some of my ~/.dovecot.sieve, but that's specific to my setup/site.
So thanks for all the input and help in this and the other [2] thread! Really appreciated!
Andreas
[1] http://wiki.dovecot.org/LDA/Postfix [2] http://thread.gmane.org/gmane.mail.imap.dovecot/27076
Andreas Ntaflos Vienna, Austria
GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4
participants (4)
-
Andreas Ntaflos
-
Andreas Ntaflos
-
Evaggelos Balaskas
-
mouss