[Dovecot] File Permissions and delivery
tss at iki.fi
Mon Aug 29 06:24:41 EEST 2011
On Fri, 2011-08-26 at 13:10 -0400, Simon Brereton wrote:
> mail:~# ls /var/spool/mail/virtual/domain.net/simon/new/
> -rwxrwx--- 1 postfix mailsystem 2.5K Aug 26 03:33 1314326000.V801I1666018M803015.mail.net,S=2461:2,
> -rwxrwx--- 1 postfix mailsystem 2.5K Aug 26 03:36 1314326209.V801I1666019M447273.mail.net,S=2460:2,
> -rw-rw---- 1 postfix mailsystem 2.5K Aug 26 04:00 1314327630.V801I166601aM308173.mail.net,S=2477:2,
> -rw------- 1 postfix mailsystem 2.5K Aug 26 04:22 1314328966.V801I166601bM756462.mail.net,S=2461:2,
> -rw------- 1 postfix mailsystem 1.1K Aug 26 16:28 1314372534.V801I166601cM615258.mail.net,S=1097:2,
> -rw------- 1 postfix mailsystem 1.1K Aug 26 16:31 1314372685.V801I166601dM264242.mail.net,S=1097:2,
> Mails are being delivered with 0600 permissions and not 0660 (the mails from courier seem to have all been 0770 as you can see). If I manually change the permission (to 0660) then I can see the mail in the MUA.
If /var/spool/mail/virtual/domain.net/simon has 0770 permissions, the
new mails should be delivered with 0660 permissions. (I don't remember
if having g+s makes any difference in the directory like you have in the
In any case, it would be better if mails were delivered as
mailsystem:mailsystem 0600 since that's what you're reading them as.
Unless you have some other good reason for requiring mailsystem group to
be able to read them.
More information about the dovecot