[Dovecot] mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient
Timo Sirainen
tss at iki.fi
Fri Aug 2 16:30:44 EEST 2013
On 19.7.2013, at 18.11, Peer Heinlein <p.heinlein at heinlein-support.de> wrote:
> looks like we detected a serious bug in dovecot's lmtp proxying where
> e-mails are delivered to the wrong user.
>
> The setup is:
>
> *) Dovecot is configured with "lmtp_proxy=yes"
>
> # Support proxying to other LMTP/SMTP servers by performing passdb lookups.
> lmtp_proxy = yes
>
> *) Postfix uses "dynamic recipient verification", so Postfix starts
> sending a (verify) mail by LMTP to dovecot, but quits the lmtp-session
> right after the RCPT TO:. No DATA-stage is reached in the protocol and
> no real e-mail is sent. But Postfix had a LMTP-connection for "user1".
>
> *) Just some seconds later a "real" e-mail to "user2" has to be
> delivered to dovecot by LMTP. But Dovecot will deliver this mail to the
> wrong "user1" instead of "user2". Looks like dovecot re-uses the (still
> opened?) lmtp-proxy-connection from "user1" to deliver an e-mail to "user2".
As others mentioned, seeing what Postfix <-> Dovecot (and Dovecot proxy <-> Dovecot backend) talk to each others would help. I can't reproduce this in an easy way and the code looks correct also: All proxied connections are dropped on LHLO and RSET. The proxy connections also aren't being reused between different incoming LMTP connections.
More information about the dovecot
mailing list