[Dovecot] Dovecot 1.2.12 + Postfix + virtual domains: delivering to system users

Ran Talbott embed_bucket at cox.net
Fri Dec 31 11:18:26 EET 2010


I've tested with 3 different configurations,  using 3 users:

  ran - a Linux system user that's in the postfix "virtual.db"
  vmail - a system user _not_ in virtual.db
  testing.testing - a Windoze user with no Linux account

All 3 configurations have passdb ldap and userdb ldap.

First config has no userdb or passdb for the Linux users.  Second config adds 
userdb passwd.  Both work the same:
   Mail to vmail bounces
   Mail to ran is delivered OK to /home/ran/maildir
   Mail to testing.testing goes to /var/mailstore//testing.testing/Maildir

But testing.testing mail _should_ go 
to /var/mailstore/<domain>/testing.testing/Maildir.  As mentioned in my 
earlier email,  %d doesn't seem to work with LDAP queries.

The third config adds passdb shadow.
   Mail to vmail bounces
   Mail to ran is delivered OK to /home/ran/maildir
   Mail to testing.testing tries to go to /home/testing.testing/Maildir. This
     delivery attempt fails because the manufactured Linux uid and gid are
     wrong.  But it's also the wrong directory.

In a nutshel:  it appears Dovecot can't deliver to sysem users at all (Postfix 
is taking care of "ran"), and the mere presence of a "passdb shadow" causes 
the DAP lookups to go awry.

Here's the dovecot -n and mail.log for configuration 1 (email addresses in all 
logs have been obscured by replacing domain name):

# 1.2.12: dovecot.conf.9
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S 
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
  postmaster_address: mail.server at lawleytechsupport.info
  hostname: lawleytechsupport.info
auth default:
  mechanisms: plain login
  username_format: %Ln
  verbose: yes
  debug: yes
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail


Dec 30 19:25:30 IBMUBUNTU1 dovecot: last message repeated 2 times
Dec 30 19:25:30 IBMUBUNTU1 dovecot: auth(default): Killed with signal 15 (by 
pid=1 uid=0 code=kill)
Dec 30 19:25:30 IBMUBUNTU1 dovecot: dovecot: Killed with signal 15 (by pid=1 
uid=0 code=kill)
Dec 30 19:25:30 IBMUBUNTU1 dovecot: Dovecot v1.2.12 starting up (core dumps 
disabled)
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24878
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24877
Dec 30 19:25:36 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24879
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: connect from 
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:26:57 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24884
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: NOQUEUE: reject: RCPT from 
fed1rmmtao105.cox.net[68.230.241.41]: 550 5.1.1 <vmail at yyy.yyy>: Recipient 
address rejected: User unknown in virtual mailbox table; 
from=<embed-mobile at xxx.xxx> to=<vmail at yyy.yyy> proto=ESMTP 
helo=<fed1rmmtao105.cox.net>
Dec 30 19:26:57 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from 
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: connect from 
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: 3E63A101F19: 
client=fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/cleanup[24889]: 3E63A101F19: 
message-id=<201012301925.44033.embed-mobile at xxx.xxx>
Dec 30 19:27:11 IBMUBUNTU1 postfix/qmgr[19282]: 3E63A101F19: 
from=<embed-mobile at xxx.xxx>, size=1361, nrcpt=1 (queue active)
Dec 30 19:27:11 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from 
fed1rmmtao105.cox.net[68.230.241.41]
Dec 30 19:27:11 IBMUBUNTU1 postfix/local[24890]: 3E63A101F19: 
to=<ran at localhost>, orig_to=<ran at yyy.yyy>, relay=local, delay=0.28, 
delays=0.23/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 19:27:11 IBMUBUNTU1 postfix/qmgr[19282]: 3E63A101F19: removed
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: connect from 
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: 1DA90101F19: 
client=fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 postfix/cleanup[24889]: 1DA90101F19: 
message-id=<201012301925.57821.embed-mobile at xxx.xxx>
Dec 30 19:27:25 IBMUBUNTU1 postfix/qmgr[19282]: 1DA90101F19: 
from=<embed-mobile at xxx.xxx>, size=1409, nrcpt=1 (queue active)
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): master in: 
USER#0111#011testing.testing at yyy.yyy#011service=deliver
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): user 
search: base=dc=lawley, dc=local scope=subtree filter=(&(objectClass=user)
(samaccountname=testing.testing)) fields=
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): 
result: objectClass(?unknown?)= cn(?unknown?)= sn(?unknown?)= 
givenName(?unknown?)= distinguishedName(?unknown?)= instanceType(?unknown?)= 
whenCreated(?unknown?)= whenChanged(?unknown?)= displayName(?unknown?)= 
uSNCreated(?unknown?)= uSNChanged(?unknown?)= name(?unknown?)= 
objectGUID(?unknown?)= userAccountControl(?unknown?)= 
primaryGroupID(?unknown?)= objectSid(?unknown?)= sAMAccountName(?unknown?)= 
sAMAccountType(?unknown?)= userPrincipalName(?unknown?)= 
objectCategory(?unknown?)=
Dec 30 19:27:25 IBMUBUNTU1 dovecot: auth(default): master out: 
USER#0111#011testing.testing#011home=/var/mailstore//testing.testing. 
=uid=501#011gid=501#011mail=maildir:/var/mailstore//testing.testing/Maildir/
Dec 30 19:27:25 IBMUBUNTU1 postfix/smtpd[24884]: disconnect from 
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 19:27:25 IBMUBUNTU1 dovecot: deliver(testing.testing): 
msgid=<201012301925.57821.embed-mobile at xxx.xxx>: saved mail to INBOX
Dec 30 19:27:25 IBMUBUNTU1 postfix/pipe[24891]: 1DA90101F19: 
to=<testing.testing at yyy.yyy>, relay=dovecot, delay=0.36, 
delays=0.23/0.01/0/0.12, dsn=2.0.0, status=sent (delivered via dovecot 
service)
Dec 30 19:27:25 IBMUBUNTU1 postfix/qmgr[19282]: 1DA90101F19: removed


**********************************************************************
Here's the dovecot -n and mail.log for configuration 2:
# 1.2.12: dovecot.conf.11
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S 
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
  postmaster_address: mail.server at lawleytechsupport.info
  hostname: lawleytechsupport.info
auth default:
  mechanisms: plain login
  username_format: %Ln
  verbose: yes
  debug: yes
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: passwd
    args: mail=maildir:~/Maildir
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail

Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: connect from 
fed1rmmtao102.cox.net[68.230.241.44]
Dec 30 19:18:39 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24843
Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: NOQUEUE: reject: RCPT from 
fed1rmmtao102.cox.net[68.230.241.44]: 550 5.1.1 <vmail at yyy.yyy>: Recipient 
address rejected: User unknown in virtual mailbox table; 
from=<embed-mobile at xxx.xxx> to=<vmail at yyy.yyy> proto=ESMTP 
helo=<fed1rmmtao102.cox.net>
Dec 30 19:18:39 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from 
fed1rmmtao102.cox.net[68.230.241.44]
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: connect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: 636DD101F22: 
client=fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/cleanup[24848]: 636DD101F22: 
message-id=<201012301917.17808.embed-mobile at xxx.xxx>
Dec 30 19:18:54 IBMUBUNTU1 postfix/qmgr[19282]: 636DD101F22: 
from=<embed-mobile at xxx.xxx>, size=1362, nrcpt=1 (queue active)
Dec 30 19:18:54 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 19:18:54 IBMUBUNTU1 postfix/local[24849]: 636DD101F22: 
to=<ran at localhost>, orig_to=<ran at yyy.yyy>, relay=local, delay=0.31, 
delays=0.26/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 19:18:54 IBMUBUNTU1 postfix/qmgr[19282]: 636DD101F22: removed
Dec 30 19:19:02 IBMUBUNTU1 postfix/smtpd[24843]: connect from 
fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 postfix/smtpd[24843]: 047FA101F22: 
client=fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 postfix/cleanup[24848]: 047FA101F22: 
message-id=<201012301917.31815.embed-mobile at xxx.xxx>
Dec 30 19:19:03 IBMUBUNTU1 postfix/qmgr[19282]: 047FA101F22: 
from=<embed-mobile at xxx.xxx>, size=1408, nrcpt=1 (queue active)
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): master in: 
USER#0111#011testing.testing at yyy.yyy#011service=deliver
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): user 
search: base=dc=lawley, dc=local scope=subtree filter=(&(objectClass=user)
(samaccountname=testing.testing)) fields=
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): 
result: objectClass(?unknown?)= cn(?unknown?)= sn(?unknown?)= 
givenName(?unknown?)= distinguishedName(?unknown?)= instanceType(?unknown?)= 
whenCreated(?unknown?)= whenChanged(?unknown?)= displayName(?unknown?)= 
uSNCreated(?unknown?)= uSNChanged(?unknown?)= name(?unknown?)= 
objectGUID(?unknown?)= userAccountControl(?unknown?)= 
primaryGroupID(?unknown?)= objectSid(?unknown?)= sAMAccountName(?unknown?)= 
sAMAccountType(?unknown?)= userPrincipalName(?unknown?)= 
objectCategory(?unknown?)=
Dec 30 19:19:03 IBMUBUNTU1 dovecot: auth(default): master out: 
USER#0111#011testing.testing#011home=/var/mailstore//testing.testing. 
=uid=501#011gid=501#011mail=maildir:/var/mailstore//testing.testing/Maildir/
Dec 30 19:19:03 IBMUBUNTU1 postfix/smtpd[24843]: disconnect from 
fed1rmmtao106.cox.net[68.230.241.40]
Dec 30 19:19:03 IBMUBUNTU1 dovecot: deliver(testing.testing): 
msgid=<201012301917.31815.embed-mobile at xxx.xxx>: saved mail to INBOX
Dec 30 19:19:03 IBMUBUNTU1 postfix/pipe[24850]: 047FA101F22: 
to=<testing.testing at yyy.yyy>, relay=dovecot, delay=0.56, 
delays=0.46/0.01/0/0.1, dsn=2.0.0, status=sent (delivered via dovecot 
service)
Dec 30 19:19:03 IBMUBUNTU1 postfix/qmgr[19282]: 047FA101F22: removed




**********************************************************************
Here's the dovecot -n and mail.log for configuration 3:

# 1.2.12: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.10 ext4
log_timestamp: %Y-%m-%d %H:%M:%S 
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_uid: 501
mail_gid: 501
mail_location: maildir:/var/mailstore/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh
lda:
  postmaster_address: mail.server at lawleytechsupport.info
  hostname: lawleytechsupport.info
auth default:
  mechanisms: plain login
  username_format: %Ln
  verbose: yes
  debug: yes
  passdb:
    driver: shadow
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: passwd
    args: mail=maildir:/home/%n/Maildir
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail

Dec 30 08:02:20 IBMUBUNTU1 postfix/cleanup[23693]: 502151009C7: 
message-id=<20101230150220.502151009C7 at mail.lawleytechsupport.info>
Dec 30 08:02:20 IBMUBUNTU1 postfix/qmgr[19282]: 502151009C7: 
from=<root at yyy.yyy>, size=409, nrcpt=1 (queue active)
Dec 30 08:02:20 IBMUBUNTU1 postfix/local[23695]: 502151009C7: 
to=<root at localhost>, orig_to=<root>, relay=local, delay=0.19, 
delays=0.14/0.02/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 08:02:20 IBMUBUNTU1 postfix/qmgr[19282]: 502151009C7: removed
Dec 30 17:34:41 IBMUBUNTU1 postfix/smtpd[24338]: connect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:34:41 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24338
Dec 30 17:34:41 IBMUBUNTU1 postfix/smtpd[24338]: NOQUEUE: reject: RCPT from 
fed1rmmtao107.cox.net[68.230.241.39]: 550 5.1.1 <vmail at yyy.yyy>: Recipient 
address rejected: User unknown in virtual mailbox table; 
from=<embed-mobile at xxx.xxx> to=<vmail at yyy.yyy> proto=ESMTP 
helo=<fed1rmmtao107.cox.net>
Dec 30 17:34:42 IBMUBUNTU1 postfix/smtpd[24338]: disconnect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: connect from 
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:37:34 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24346
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: 60C91101F15: 
client=fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:37:34 IBMUBUNTU1 postfix/cleanup[24350]: 60C91101F15: 
message-id=<201012301736.07378.embed-mobile at xxx.xxx>
Dec 30 17:37:34 IBMUBUNTU1 postfix/qmgr[19282]: 60C91101F15: 
from=<embed-mobile at xxx.xxx>, size=1378, nrcpt=1 (queue active)
Dec 30 17:37:34 IBMUBUNTU1 postfix/local[24351]: 60C91101F15: 
to=<ran at localhost>, orig_to=<ran at yyy.yyy>, relay=local, delay=0.3, 
delays=0.24/0.01/0/0.05, dsn=2.0.0, status=sent (delivered to maildir)
Dec 30 17:37:34 IBMUBUNTU1 postfix/qmgr[19282]: 60C91101F15: removed
Dec 30 17:37:34 IBMUBUNTU1 postfix/smtpd[24346]: disconnect from 
fed1rmmtao103.cox.net[68.230.241.43]
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max connection 
rate 1/60s for (smtp:68.230.241.39) at Dec 30 17:34:41
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max connection 
count 1 for (smtp:68.230.241.39) at Dec 30 17:34:41
Dec 30 17:40:54 IBMUBUNTU1 postfix/anvil[24341]: statistics: max cache size 1 
at Dec 30 17:34:41
Dec 30 17:55:05 IBMUBUNTU1 postfix/smtpd[24508]: connect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:05 IBMUBUNTU1 dovecot: auth(default): new auth connection: 
pid=24508
Dec 30 17:55:06 IBMUBUNTU1 postfix/smtpd[24508]: 230F2101F19: 
client=fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:06 IBMUBUNTU1 postfix/cleanup[24513]: 230F2101F19: 
message-id=<201012301753.38728.embed-mobile at xxx.xxx>
Dec 30 17:55:06 IBMUBUNTU1 postfix/qmgr[19282]: 230F2101F19: 
from=<embed-mobile at xxx.xxx>, size=1425, nrcpt=1 (queue active)
Dec 30 17:55:06 IBMUBUNTU1 dovecot: auth(default): master in: 
USER#0111#011testing.testing at yyy.yyy#011service=deliver
Dec 30 17:55:06 IBMUBUNTU1 dovecot: auth(default): passwd(testing.testing): 
lookup
Dec 30 17:55:06 IBMUBUNTU1 postfix/smtpd[24508]: disconnect from 
fed1rmmtao107.cox.net[68.230.241.39]
Dec 30 17:55:16 IBMUBUNTU1 dovecot: auth(default): master out: 
USER#0111#011testing.testing#011mail=maildir:/home/testing.testing/Maildir#011system_groups_user=testing.testing#011uid=10001#011gid=10013#011home=/home/LAWLEY/testing.testing
Dec 30 17:55:16 IBMUBUNTU1 dovecot: deliver(testing.testing at yyy.yyy): Fatal: 
setgid(10013(domain users)) failed with euid=501(vmail), gid=501(vmail), 
egid=501(vmail): Operation not permitted (This binary should probably be 
called with process group set to 10013(domain users) instead of 501(vmail))
Dec 30 17:55:16 IBMUBUNTU1 postfix/pipe[24514]: 230F2101F19: 
to=<testing.testing at yyy.yyy>, relay=dovecot, delay=11, delays=0.34/0.01/0/10, 
dsn=4.3.0, status=deferred (temporary failure)


More information about the dovecot mailing list