[Dovecot] Permission denied error log messages

Tim Traver tt-list at simplenet.com
Thu Dec 2 08:04:37 EET 2010

Hi Timo,

ok, I have a large 2.07 NFS setup, and I have been monitoring error
messages to make sure I catch things, and I've come across a lot of
messages that come in pairs and look like this :

Dec 01 17:48:35 lda(paul at xxxxxx.com): Error:
write(/home/mailboxes/data/301/paul at xxxxxx.com/Maildir/tmp/1291254514.M620308P83269.mta2.scaledsystems.com)
failed: Permission denied

Dec 01 17:48:35 lda(paul at xxxxxx.com): Error: sieve: msgid=unspecified:
failed to store into mailbox 'INBOX': Internal error occurred. Refer to
server log for more information. [2010-12-01 17:48:34]

I run the dovecot installation as a single user, and that user owns ALL
of my virtual accounts directories. I checked, and there aren't any
permissions that aren't correct. All the way up the tree has the same
owner and group, and there are plenty of messages that make it through
without any issue.

The NFS servers don't have enough load on them to return errors for file
operations, so I don't believe it is that. We use high end NetApp
equipment and have never had any problems with them.

I'm baffled as to why it gets permission denied message on the tmp
directory. There does not seem to be a recognizable pattern for times,
or particular accounts. I've just got a heck of a lot of these messages
in the deliver log error files...

I use qmail control files to feed the lda delivery for messages. When
these errors happen, is the message lost? or is it still queued up in
qmail's queue when the lda gives a fatal error like that?



here is my dovecot -n output :

# 2.0.7: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.0-RELEASE-p3 i386
auth_username_format = %Lu
auth_username_translation = %@
auth_verbose = yes
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 100
listen = *
lock_method = dotlock
log_path = /local/logs/dovecot.errors
mail_fsync = always
mail_gid = 100
mail_location = maildir:%h/Maildir
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = " quota"
mail_uid = 100
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date imapflags notify
mmap_disable = yes
passdb {
  args = /bin/checkpassword_dovecot_auth
  driver = checkpassword
plugin {
  quota = maildir:User quota
  quota_rule = Trash:storage=+100M
  sieve = ~/.dovecot.sieve
  sieve_after = /home/mailboxes/sieve/to_spam_folder.sieve
  sieve_dir = ~/Maildir/sieve
  sieve_extensions = +notify +imapflags
protocols = imap pop3 sieve
service auth {
  unix_listener auth-userdb {
    group = sn
    mode = 0600
    user = sn
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
userdb {
  args = /bin/checkpassword_dovecot_deliver
  driver = checkpassword
verbose_proctitle = yes
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
protocol lda {
  info_log_path = /local/logs/dovecot-deliver.log
  log_path = /local/logs/dovecot-deliver-errors.log
  mail_plugins = " quota sieve"
protocol imap {
  mail_plugins = " quota imap_quota"
protocol sieve {
  managesieve_sieve_capability = comparator-i;ascii-numeric fileinto
reject vacation imap4flags notify include envelope body relational regex
subaddress copy

More information about the dovecot mailing list