"no shared cypher", no matter what I try

Marco Fioretti marco.fioretti at gmail.com
Tue Dec 11 13:38:38 EET 2018


The problem is solved, thanks to Aki. I was missing the "include"
directive in dovecot.conf, because it was not needed in the dovecot
version I was using previously.

Now I have a related question, and... another problem :-)

The question: what is a safer/more sensible value for ssl_cipher_list
than the current "ALL"?

The problem: now that I can login, a permission/ownership problem came
out. In the old server, the mailboxes were owned by user mail_manager,
group mail_management.

In the new server I recreated those users, copied the mailboxes as
they were. Postfix / procmail are using that userid, and can write
successfully to the mailboxes.

Dovecot, instead, cannot. Even if I added the dovecot user to the
mail_management group, it keeps generating plenty of errors like this:

Dec 11 12:34:13 SERVERNAME dovecot: imap(USERNAME): Error:
file_dotlock_create(/var/mail/mymail_storage/base/.archive.2018.12/dovecot-uidlist)
failed: Permission denied (euid=5000(<unknown>)
egid=5000(mail_management) missing +w perm:
/var/mail/mymail_storage/base/.archive.2018.12, dir owned by 1001:5000
mode=0755)

Of course it cannot create the log file because the owner is the
mail_manager user (euid 5000).

So the question is: what is the good/best practice now? Make dovecot
run as user mail_manager? And if yes, how? Or should I change the
permissions of all the mailboxes and mail files with chmod -R 775 ?

Thanks,
Marco
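
How the fields of the error quoted in the message above can be read, as an added example that is not part of the original post and not Dovecot code: a small Python parser that reports which permission class applies to the process and why the write fails. The sample is the post's error joined onto one line; the name `diagnose` is hypothetical, and supplementary groups are not in the log line, so only `egid` is compared.

```python
import re

# Constructed sample: the error from the post, joined onto one line.
SAMPLE = ("Dec 11 12:34:13 SERVERNAME dovecot: imap(USERNAME): Error: "
          "file_dotlock_create(/var/mail/mymail_storage/base/.archive.2018.12/dovecot-uidlist) "
          "failed: Permission denied (euid=5000(<unknown>) egid=5000(mail_management) "
          "missing +w perm: /var/mail/mymail_storage/base/.archive.2018.12, "
          "dir owned by 1001:5000 mode=0755)")

PATTERN = re.compile(
    r"euid=(?P<euid>\d+)\((?P<euser>[^)]*)\)\s+"
    r"egid=(?P<egid>\d+)\((?P<egroup>[^)]*)\)\s+"
    r"missing \+(?P<perm>[rwx]) perm:\s+(?P<path>.+?),\s+"
    r"dir owned by (?P<uid>\d+):(?P<gid>\d+)\s+mode=(?P<mode>[0-7]+)")

BITS = {"r": 4, "w": 2, "x": 1}

def diagnose(line):
    """Return (permission class that applies, findings), or None if no match."""
    m = PATTERN.search(line)
    if m is None:
        return None
    euid, egid, uid, gid = (int(m[k]) for k in ("euid", "egid", "uid", "gid"))
    mode = int(m["mode"], 8)
    bit = BITS[m["perm"]]
    # POSIX checks exactly one class: owner if the uid matches, else group, else other.
    if euid == uid:
        cls, shift = "owner", 6
    elif egid == gid:  # assumption: only egid is known, not supplementary groups
        cls, shift = "group", 3
    else:
        cls, shift = "other", 0
    findings = []
    if m["euser"] == "<unknown>":
        findings.append(f"name for euid {euid} was not resolved (printed as <unknown>)")
    if euid != uid:
        findings.append(f"process euid {euid} differs from directory owner uid {uid}")
    if not (mode >> shift) & bit:
        findings.append(f"{cls} class lacks +{m['perm']} in mode {m['mode']}")
    return cls, findings

if __name__ == "__main__":
    cls, findings = diagnose(SAMPLE)
    print("class that applies:", cls)
    for finding in findings:
        print(" -", finding)
```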

