dovecot-lmtp and postfix

Coy Hile coy.hile at coyhile.com
Sun Aug 11 19:06:55 EEST 2019


Hi all,

I’ve got postfix set up to use dovecot-lmtp for (virtual) user delivery, and things to users or aliases that Dovecot knows about now get delivered correctly. However, I’ve done something wrong with postfix and/or the LMTP configuration, because upon RCPT TO, instead of the mail being forwarded off to the configured smarthost, somehow dovecot-lmtp is ending up in the mix. (Perhaps this is more a postfix question than a dovecot one, but I’ll start here.)

Relevant postfix config:

[root at 81716ec5-bca4-6d53-ed81-bd1a55d46b4f /opt/local/etc/postfix]# postconf -n
# Output of `postconf -n`: only the main.cf parameters that were set explicitly.
canonical_maps = hash:/opt/local/etc/postfix/canonical
command_directory = /opt/local/sbin
compatibility_level = 2
daemon_directory = /opt/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_database_type = hash
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 102400000
mailq_path = /opt/local/bin/mailq
manpage_directory = /opt/local/man
message_size_limit = 51200000
meta_directory = /opt/local/libexec/postfix
# NOTE(review): besides loopback this trusts all three RFC 1918 private ranges.
# Every smtpd_*_restrictions list below starts with permit_mynetworks, so a
# client in these ranges is accepted by each list before its reject_* checks
# are evaluated. "$myhostname" is a host name rather than a network pattern;
# confirm it is intended here.
mynetworks = $myhostname, 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12 192.168.0.0/16
newaliases_path = /opt/local/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
queue_minfree = 76800000
readme_directory = /opt/local/share/doc/postfix
recipient_canonical_maps = hash:/opt/local/etc/postfix/recipient_canonical
recipient_delimiter = +
# relayhost is the next hop for mail that leaves through the default/relay
# transport; recipients in a virtual mailbox domain go to virtual_transport.
relayhost = relay.svc.a4b01392-e48d-4cdf-cacf-f850d1800d45.basement.cns.coyhile.com
sample_directory = /opt/local/share/examples/postfix
sender_canonical_maps = hash:/opt/local/etc/postfix/sender_canonical
sendmail_path = /opt/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /opt/local/lib/postfix
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, permit_sasl_authenticated
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unlisted_recipient, reject_non_fqdn_recipient, reject_unauth_destination, reject_unknown_recipient_domain, check_recipient_access hash:/opt/local/etc/postfix/filtered_domains
# SMTP AUTH is delegated to Dovecot over the private/auth socket (the path is
# relative to queue_directory).
# NOTE(review): no smtpd_tls_* parameter appears in this output, so SASL would
# be offered without TLS unless it is configured elsewhere (for example as
# master.cf overrides) - confirm.
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unlisted_sender, reject_non_fqdn_sender, reject_unknown_sender_domain
smtputf8_enable = no
strict_rfc821_envelopes = yes
unknown_local_recipient_reject_code = 550
# virtual_transport delivers recipients whose domain matches
# virtual_mailbox_domains.
# NOTE(review): the syslog excerpt on this page shows a gmail.com recipient
# handed to private/dovecot-lmtp, which would be consistent with the pgsql
# domain lookup returning a match for that domain - presumably worth testing
# the query for an outside domain with `postmap -q`.
virtual_alias_maps = pgsql:/opt/local/etc/postfix/postfix_virtual_aliases.cf
virtual_mailbox_domains = pgsql:/opt/local/etc/postfix/postfix_virtual_domains.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
[root at 81716ec5-bca4-6d53-ed81-bd1a55d46b4f /opt/local/etc/postfix]#

And the dovecot config:

doveconf -n
# 2.3.6 (7eab80676): /opt/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.6 (92dc263a)
doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -Pn > dovecot-new.conf
doveconf: Warning: Obsolete setting in /opt/local/etc/dovecot/conf.d/10-ssl.conf:80: ssl_dh_parameters_length is no longer needed
doveconf: Warning: Obsolete setting in /opt/local/etc/dovecot/conf.d/10-ssl.conf:81: ssl_protocols has been replaced by ssl_min_protocol
doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -Pn > dovecot-new.conf
doveconf: Warning: Obsolete setting in /opt/local/etc/dovecot/conf.d/10-ssl.conf:80: ssl_dh_parameters_length is no longer needed
doveconf: Warning: Obsolete setting in /opt/local/etc/dovecot/conf.d/10-ssl.conf:81: ssl_protocols has been replaced by ssl_min_protocol
doveconf: Warning: service auth { client_limit=840 } is lower than required under max. load (1524)
# OS: SunOS 5.11 i86pc
# Hostname: 81716ec5-bca4-6d53-ed81-bd1a55d46b4f.coyhile.com
# Global settings as printed by `doveconf -n` (non-default values only).
# PLAIN and LOGIN both carry the password itself.
# NOTE(review): confirm clients can only reach these mechanisms over TLS.
auth_mechanisms = plain login
auth_socket_path = /var/run/dovecot/auth-userdb
imap_idle_notify_interval = 29 mins
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_attachment_dir = /var/mail/attachments
# fsync is skipped entirely: faster, but a crash or power loss can lose
# recently written mail.
mail_fsync = never
mail_location = mdbox:~/mdbox
mail_plugins = " acl"
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
# The namespace that holds INBOX; location and prefix are left empty.
namespace inbox {
  inbox = yes
  location =
  # Each mailbox below is advertised to clients with a SPECIAL-USE flag.
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  # A second mailbox carrying the \Sent flag, alongside "Sent".
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
# Password verification goes through the SQL driver; its settings live in the
# referenced file.
# NOTE(review): that file presumably holds the database connect string, so it
# should not be world-readable - confirm its permissions.
passdb {
  args = /opt/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
# Plugin settings: ACL defaults plus Pigeonhole Sieve / IMAPSieve.
plugin {
  acl_defaults_from_inbox = yes
  # Rule 1: a COPY into Junk runs report-spam.sieve first.
  imapsieve_mailbox1_before = file:/etc/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Junk
  # Rule 2: a COPY from Junk into any mailbox runs report-ham.sieve first.
  imapsieve_mailbox2_before = file:/etc/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Junk
  imapsieve_mailbox2_name = *
  # Per-user scripts live under ~/sieve; ~/.dovecot.sieve marks the active one.
  sieve = file:~/sieve;active=~/.dovecot.sieve
  # vnd.dovecot.pipe is enabled for global scripts only, not for users'
  # personal scripts.
  sieve_global_extensions = +vnd.dovecot.pipe
  # Directory of programs that the pipe extension may execute.
  # NOTE(review): it is the same directory as the global scripts above; it
  # should be writable only by the administrator, since executables placed
  # here can be run by the mail processes - confirm ownership and mode.
  sieve_pipe_bin_dir = /etc/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
}
# Protocol services Dovecot starts.
protocols = imap pop3 lmtp submission
# Auth worker processes (used for the SQL lookups) run as vmail.
service auth-worker {
  user = vmail
}
# Authentication service and the sockets through which it can be reached.
service auth {
  client_limit = 840
  # NOTE(review): this exposes the auth protocol on TCP port 2222 with no
  # address restriction shown; the protocol itself has no transport
  # protection, so confirm the port is firewalled or bound to a trusted
  # interface, or remove the listener if it is unused.
  inet_listener {
    port = 2222
  }
  # Socket that Postfix uses for SMTP AUTH (smtpd_sasl_path = private/auth).
  # NOTE(review): mode 0666 lets any local account that can reach the path
  # submit authentication attempts; with user and group already set to
  # postfix, 0660 is the usual setting - confirm nothing else needs it.
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  # userdb lookup socket (auth_socket_path points at it).
  # NOTE(review): with mode 0666 any local account can perform userdb
  # lookups for every user; consider 0600 or 0660 limited to vmail.
  unix_listener auth-userdb {
    group = vmail
    mode = 0666
    user = vmail
  }
}
# IMAP login (pre-authentication) processes.
service imap-login {
  # Implicit-TLS IMAP on port 993.
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  process_min_avail = 3
  # 0 = a login process is not recycled after a fixed number of connections,
  # so one process serves many clients (Dovecot's "high-performance" mode).
  # NOTE(review): this gives up the per-connection process isolation of
  # service_count = 1 - confirm the trade-off is intended.
  service_count = 0
  vsz_limit = 1 G
}
# Post-login IMAP processes: at least 3 kept available, each one replaced
# after handling 256 connections.
service imap {
  process_min_avail = 3
  service_count = 256
}
# LMTP delivery socket, created inside Postfix's queue directory so that
# Postfix can reach it as private/dovecot-lmtp.
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    # 0600 with user postfix: only the postfix account can connect.
    mode = 0600
    user = postfix
  }
}
# Both POP3 listeners are set to port 0, which disables them.
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    port = 0
  }
}
# TLS settings. The leading "<" makes Dovecot read the value from that file.
ssl_cert = </opt/local/etc/dovecot/certs/dovecot.pem
# All entries are ECDHE key exchange; the first six are AEAD suites (AES-GCM,
# ChaCha20-Poly1305), the last four are CBC-mode suites with SHA-2 MACs.
ssl_cipher_list = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
# doveconf masks the private key in its output unless -P is given.
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
# User lookups use the same SQL settings file as the passdb shown on this page.
userdb {
  args = /opt/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
# Delivery-time plugin lists: LMTP and the LDA both load acl and sieve, so
# Sieve scripts run when mail is delivered through either path.
protocol lmtp {
  mail_plugins = " acl sieve"
}
protocol lda {
  mail_plugins = " acl sieve"
}
protocol imap {
  mail_max_userip_connections = 50
  mail_plugins = " acl imap_acl imap_sieve"
}

And in syslog I see:

2019-08-11T15:37:57+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/smtpd[56103]: [ID 197553 mail.info] 12327F13D: client=ns1.coyhile.com[172.17.64.25]
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/cleanup[56365]: [ID 197553 mail.info] 12327F13D: message-id=<>
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/qmgr[56018]: [ID 197553 mail.info] 12327F13D: from=<coy.hile at coyhile.com>, size=354, nrcpt=1 (queue active)
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f dovecot: [ID 702911 mail.info] lmtp(50179): Connect from local
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/lmtp[56821]: [ID 197553 mail.info] 12327F13D: to=<coyhile at gmail.com>, relay=81716ec5-bca4-6d53-ed81-bd1a55d46b4f.localdomain[private/dovecot-lmtp], delay=55, delays=55/0.01/0/0.03, dsn=5.1.1, status=bounced (host 81716ec5-bca4-6d53-ed81-bd1a55d46b4f.localdomain[private/dovecot-lmtp] said: 550 5.1.1 <coyhile at gmail.com> User doesn't exist: coyhile at gmail.com (in reply to RCPT TO command))

Given both of those configurations, shouldn’t it see that gmail address and send it off to the relay host?

-Coy

