[Dovecot] LDA ignored
Hi,
my final goal is it to make use Dovecot's sieve modul - but unfortunately I'm not getting the LDA running as it is described in the Dovecot's wiki pages ... ;/ I've more and more getting the feeling that the LDA section in the configuration is completely ignored, cause whatever change I do in there is not being recognized at all - I could just type wildly arround in there - restart Dovecot and it will work. But the dovecot.conf is being used by Dovecot - cause changes to other sections are affecting Dovecot's behaviour ... it's really just the LDA section. I configured and compiled Dovecot with LDA & Managesieve. Otherwhise Dovecot / Postfix setup is running quite well - mail is being scanned by amavis and Spamassassin and delivered as it did before I added / changed the configs to the sieve related options ... It's very weired.
I activated "mail_debug = yes" and the following shows up when I start Dovecot:
Starting dovecot. ILoading modules from directory: /usr/local/lib/dovecot/imap IModule loaded: /usr/local/lib/dovecot/imap/lib10_quota_plugin.so IModule loaded: /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so IEffective uid=65534, gid=65534, home=/tmp Iquota: No quota setting - plugin disabled IEffective uid=65534, gid=65534, home=/tmp
It doesn't say a thing about sieve / lda ... ;(
The proof that Dovecot is running:
Server # ps aux | grep dove root 29355 0.0 0.1 5944 1768 ?? Ss 10:02PM 0:00.05 /usr/local/sbin/dovecot -c /usr/local/etc/dovecot.conf nobody 29356 0.0 0.3 17372 3512 ?? S 10:02PM 0:00.03 dovecot-auth dovecot 29359 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.04 managesieve-login dovecot 29360 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.05 managesieve-login dovecot 29361 0.0 0.3 9816 3256 ?? I 10:02PM 0:00.03 managesieve-login dovecot 29362 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.03 pop3-login dovecot 29363 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.05 pop3-login dovecot 29364 0.0 0.3 9816 3248 ?? I 10:02PM 0:00.03 pop3-login dovecot 29365 0.0 0.3 9812 3260 ?? I 10:02PM 0:00.03 imap-login dovecot 29366 0.0 0.3 9812 3260 ?? I 10:02PM 0:00.03 imap-login dovecot 29367 0.0 0.3 9812 3448 ?? S 10:02PM 0:00.03 imap-login: imap-login [192.168.1.233 TLS] (imap-login) dovecot 29374 0.0 0.3 9812 3260 ?? I 10:03PM 0:00.02 imap-login
The last lines of Postfix master.cf:
dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}
AMaVIs interface
smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
and finally some more out of the dovecot.conf:
[...]
protocols = imap imaps pop pop3s managesieve lda
[...]
mail_debug = yes
[...]
protocol lda { mail_plugins = sieve # ... other plugins like quota mail_plugin_dir = /usr/local/lib/dovecot/lda
If there is no user-specific Sieve-script, global Sieve script is
executed if set.
sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve postmaster_address = admin@server.netocean sendmail_path = /usr/local/sbin/sendmail log_path = /var/log/dovecot-deliver.log info_log_path = /var/log/dovecot-deliver.log }
[...]
plugin {
# NOTE: %variable expansion works only with Dovecot v1.0.2+
sieve = /var/sieve-scripts/%u.sieve
# quota = maildir
# The location of the users active script:
sieve = ~/.dovecot.sieve
# If the user has no personal active script (i.e. if the file
# indicated in sieve= does not exist), use this one:
#sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
# The include extension fetches the :personal scripts from this
# directory. When ManageSieve is used, this is also where scripts
# are uploaded.sieve_dir = ~/sieve
# The include extension fetches the :global scripts from this
# directory. Extension hamm wir nicht aktiviert.sieve_global_dir = /usr/local/etc/dovecot/sieve/global/
# Scripts executed before the user's script.
# E.g. handling messages marked as dangeroussieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve
# Scripts executed after the user's script (if keep is still in effect)
# E.g. default mail filing rules.sieve_after = /var/lib/dovecot/sieve/after.d/
}
[...]
Any suggestions of what I'm doing wrong? Thx
Leander S. put forth on 7/8/2010 8:02 AM:
Any suggestions of what I'm doing wrong?
Missing this maybe?
Then set virtual_transport to dovecot in /etc/postfix/main.cf:
dovecot_destination_recipient_limit = 1 virtual_mailbox_domains = your.domain.here virtual_transport = dovecot
-- Stan
Am 08.07.2010 15:22, schrieb Stan Hoeppner:
Leander S. put forth on 7/8/2010 8:02 AM:
Any suggestions of what I'm doing wrong?
Missing this maybe?
Then set virtual_transport to dovecot in /etc/postfix/main.cf:
dovecot_destination_recipient_limit = 1 virtual_mailbox_domains = your.domain.here virtual_transport = dovecot
dovecot_destination_recipient_limit = 1 virtual_transport = dovecot ^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virutal domain - there is planty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. <leander.schaefer@googlemail.com> articulated:
dovecot_destination_recipient_limit = 1 virtual_transport = dovecot ^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virutal domain - there is planty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
-- Jerry ✌ Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
I saw a subliminal advertising executive, but only for a second.
Steven WrightJerry schrieb:
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. <leander.schaefer@googlemail.com> articulated:
dovecot_destination_recipient_limit = 1 virtual_transport = dovecot ^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virutal domain - there is planty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
^^ currently this is a testing system - it has a two virtual domains running. They're stored in a PGSQL Backend. What details will be interesting for you? Must I post the table structure with values?
Let me know if you need more
################# #################
server [~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases allow_mail_to_commands = alias, forward allow_mail_to_files = alias, forward append_at_myorigin = yes append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m broken_sasl_auth_clients = no command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 3 default_privs = nobody default_process_limit = 100 default_recipient_limit = 200 disable_dns_lookups = no header_size_limit = 102400 html_directory = /usr/local/share/doc/postfix inet_interfaces = all inet_protocols = ipv4 local_recipient_maps = proxy:unix:passwd.byname $alias_maps mail_name = home-MTA mail_owner = postfix mail_version = 1.0 mailbox_size_limit = 0 mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydestination = $myhostname, localhost.$mydomain, localhost mydomain = home myhostname = server.home mynetworks = 127.0.0.0/8 mynetworks_style = subent myorigin = $myhostname newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = + resolve_numeric_domain = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_host_lookup = dns, native smtp_sasl_auth_enable = no smtp_tls_note_starttls_offer = yes smtpd_delay_reject = yes smtpd_enforce_tls = no smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_starttls_timeout = 300s smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes syslog_facility = mail syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name} tls_random_prng_update_period = 3600s tls_random_source = dev:/dev/urandom transport_maps = pgsql:/usr/local/etc/postfix/transport_maps unknown_local_recipient_reject_code = 550 virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps server [~]#
################# #################
server [~]# postfinger postfinger - postfix configuration on Thu Jul 8 20:32:40 CEST 2010 version: 1.30
Warning: postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it is your responsibility to modify the output to hide this private information. [Remove this warning with the --nowarn option.]
--System Parameters-- mail_version = 2.6.5 hostname = server.home uname = FreeBSD server.home 8.0-RELEASE FreeBSD 8.0-RELEASE #5: Tue Jun 22 20:48:20 CEST 2010 root@server.home:/usr/obj/usr/src/sys/home amd64
--Packaging information-- looks like this postfix comes from BSD package: postfix-2.6.5,1
--main.cf non-default parameters-- append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m content_filter = smtp-amavis:[127.0.0.1]:10024 debug_peer_level = 3 default_recipient_limit = 200 mail_name = home-MTA mail_version = 1.0 mailbox_size_limit = 0 max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydomain = home mynetworks = 127.0.0.0/8 mynetworks_style = subent recipient_delimiter = + smtp_host_lookup = dns, native smtp_tls_note_starttls_offer = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_use_tls = yes transport_maps = pgsql:/usr/local/etc/postfix/transport_maps virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps
--master.cf-- smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
-- end of postfinger output -- server [~]#
################# #################
server [~]# cat /usr/local/etc/dovecot.conf
Network
protocols = imap imaps pop3 pop3s managesieve listen = * shutdown_clients = yes
Logging
#mail_debug = yes #auth_verbose = yes #auth_debug = yes #auth_debug_passwords = yes log_timestamp = "%b %d %H:%M:%S " syslog_facility = mail
SSL settings
ssl = yes ssl_cert_file = /etc/ssl/dovecot/cert.pem ssl_key_file = /etc/ssl/dovecot/key.pem #ssl_key_password = passphrase
Login processes
verbose_proctitle = yes login_user = dovecot login_greeting = home MailSystem
Mailbox locations and namespaces
Not being used since we use PGSQL Virtual
mail_location = maildir:/var/mail/%d/%n mail_privileged_group = mail
Mail processes
dotlock_use_excl = yes first_valid_uid = 2000 first_valid_gid = 2000
Mailbox handling optimizations
mailbox_idle_check_interval = 30
Maildir-specific settings
maildir_copy_with_hardlinks = yes
IMAP specific settings
protocol imap { #listen = *:143 #ssl_listen = *:993 login_executable = /usr/local/libexec/dovecot/imap-login mail_executable = /usr/local/libexec/dovecot/imap mail_plugins = quota imap_quota mail_plugin_dir = /usr/local/lib/dovecot/imap #imap_max_line_length = 65536 imap_client_workarounds = outlook-idle }
POP3 specific settings
protocol pop3 { #listen = *:110 #ssl_listen = *:995 login_executable = /usr/local/libexec/dovecot/pop3-login mail_executable = /usr/local/libexec/dovecot/pop3 pop3_lock_session = no pop3_uidl_format = %08Xu%08Xv mail_plugins = quota mail_plugin_dir = /usr/local/lib/dovecot/pop3 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh }
ManageSieve specific settings
protocol managesieve {
Login executable location.
#login_executable = /usr/local/libexec/dovecot/managesieve-login
ManageSieve executable location. See IMAPs mail_executable above for
examples how this could be changed.
#mail_executable = /usr/local/libexec/dovecot/managesieve
Maximum ManageSieve command line length in bytes. This setting is
directly borrowed from IMAP. But, since long command lines are very
unlikely with ManageSieve, changing this will not be very useful.
#managesieve_max_line_length = 65536
ManageSieve logout format string:
%i - total number of bytes read from client
%o - total number of bytes sent to client
#managesieve_logout_format = bytes=%i/%o
If, for some inobvious reason, the sieve_storage remains unset, the
ManageSieve daemon uses the specification of the mail_location to
find out
where to store the sieve files (see explaination in
README.managesieve).
The example below, when uncommented, overrides any global
mail_location
specification and stores all the scripts in ~/mail/sieve if
sieve_storage
is unset. However, you should always use the sieve_storage
setting.
mail_location =
mbox:~/mail
To fool ManageSieve clients that are focused on timesieved you can
specify the IMPLEMENTATION capability that the dovecot reports to
clients
(default:
"dovecot").
#managesieve_implementation_string = Cyrus timsieved
v2.2.13
}
LDA specific settings
protocol lda { postmaster_address = admin@server.home mail_plugins = sieve log_path = /var/log/dovecot-deliver.log info_log_path = /var/log/dovecot-deliver.log }
Authentication processes
auth_executable = /usr/local/libexec/dovecot/dovecot-auth auth_cache_size = 0 auth_cache_ttl = 3600 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu disable_plaintext_auth = yes
auth default { mechanisms = cram-md5 passdb sql { args = /usr/local/etc/dovecot-sql.conf } userdb sql { args = /usr/local/etc/dovecot-sql.conf } user = nobody socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } }
Plugin settings
plugin {
The location of the users active script:
sieve = ~/.dovecot.sieve
The include extension fetches the :personal scripts from this
directory. When ManageSieve is used, this is also where scripts
are uploaded.
#sieve_dir = ~/sieve
If the user has no personal active script (i.e. if the file
indicated in sieve= does not exist), use this one:
sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
The include extension fetches the :global scripts from this
directory. Extension hamm wir nicht aktiviert.
#sieve_global_dir = /usr/local/etc/dovecot/sieve/global/
Scripts executed before the users script.
E.g. handling messages marked as dangerous
#sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve
Scripts executed after the users script (if keep is still in effect)
E.g. default mail filing rules.
#sieve_after = /var/lib/dovecot/sieve/after.d/
Quota Section
quota = maildir
}
dict { #quota = pgsql:/usr/local/etc/dovecot-dict-sql.conf }
server [~]#
On 07/08/2010 10:41 PM Leander S. wrote:
… transport_maps = pgsql:/usr/local/etc/postfix/transport_maps virtual_transport = dovecot … server [~]# postfinger … --master.cf-- dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} … server [~]# cat /usr/local/etc/dovecot.conf
Useless use of cat. dovecot -n output is sufficient.
One of your pgsql based transport_maps overrides your virtual_transport parameter. Either make sure your database returns 'dovecot' as transport or remove the transport_maps parameter, if you want to use 'dovecot' as transport for all virtual users.
Regards, Pascal
The trapper recommends today: beeffeed.1019014@localdomain.org
Pascal Volk schrieb:
On 07/08/2010 10:41 PM Leander S. wrote:
… transport_maps = pgsql:/usr/local/etc/postfix/transport_maps virtual_transport = dovecot … server [~]# postfinger … --master.cf-- dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} … server [~]# cat /usr/local/etc/dovecot.conf
Useless use of cat.
dovecot -noutput is sufficient.One of your pgsql based transport_maps overrides your virtual_transport parameter. Either make sure your database returns 'dovecot' as transport or remove the transport_maps parameter, if you want to use 'dovecot' as transport for all virtual users.
Regards, Pascal
Ja MAN, that was it - the virtual: had to be replaced with dovecot: in the SQL DB. But no I'm not geting my mail delivered any more ;/ /var/maillog.log shows me following:
server postfix/pipe[1603]: 5A0BE7B6A9: to=<admin@server.netocean>, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
What does deferred mean?
Thx for the help - much appreciated ;)
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=<admin@server.netocean>, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Timo Sirainen schrieb:
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=<admin@server.netocean>, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Thanks. I figured what I miss now-I just don't get where to merge this propper now. I would love to get a hint to get a reasonable config.
This is how my auth section currently looks like:
auth default { mechanisms = cram-md5
passdb sql { args = /usr/local/etc/dovecot-sql.conf }
userdb sql { args = /usr/local/etc/dovecot-sql.conf }
user = nobody
socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 }
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}} }
And apparently I need to add something like that now:
service auth { unix_listener auth-master { group = mode = 0600 user = } }
and apparently auth-master will be too much in that case since auth-userdb should do the job.
Thanks
Timo Sirainen schrieb:
On Fri, 2010-07-09 at 17:13 +0200, Leander S. wrote:
server postfix/pipe[1603]: 5A0BE7B6A9: to=<admin@server.netocean>, relay=dovecot, delay=0.64, delays=0.02/0.15/0/0.47, dsn=4.3.0, status=deferred (temporary failure)
Make sure deliver can write to logs and look at its log files. http://wiki.dovecot.org/LDA#logging
Ok, I've figured out the issue - but I'm now getting a permission error.
Jul 09 18:19:01 deliver(admin@server.home): Fatal: setgid(2000) failed with euid=65534(nobody), gid=143(dovecot), egid=143(dovecot): Operation not permitted
Can someone explain me where Dovecot needs rights there? Or where Dovecot tries to write something?
Thx
On 07/09/2010 06:46 PM Leander S. wrote:
Jul 09 18:19:01 deliver(admin@server.home): Fatal: setgid(2000) failed with euid=65534(nobody), gid=143(dovecot), egid=143(dovecot): Operation not permitted
see http://wiki.dovecot.org/LDA#Multiple_UIDs
Regards, Pascal
The trapper recommends today: f007ba11.1019018@localdomain.org
Hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
Thanks
hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
use the autocreate-plugin:
Am 09.07.2010 um 19:50 schrieb Anton Dollmaier:
hi,
since Dovecot's deliver is creating folders for the user if needed - is there also a way of how to set the Spam folder for instance to a mode so that it can't be deleted by the user through IMAP anymore?
use the autocreate-plugin:
Sounds more like a job for ACLs IMHO.
Jerry schrieb:
On Thu, 08 Jul 2010 15:28:15 +0200 Leander S. <leander.schaefer@googlemail.com> articulated:
dovecot_destination_recipient_limit = 1 virtual_transport = dovecot ^^ Is in the conf.
- I'm using maildir.
- I'm not only having one virutal domain - there is planty of domains running on this system so "virtual_mailbox_domains = your.domain.here" isn't set afaik.
Please post the output of "postconf -n". Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.
It sounds suspiciously like you have 'virtual' configured incorrectly. When replying, please show which domains are "virtual".
^^ currently this is a testing system - it has a two virtual domains running. They're stored in a PGSQL Backend. What details will be interesting for you? Must I post the table structure with values?
Let me know if you need more
################# #################
server [~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases allow_mail_to_commands = alias, forward allow_mail_to_files = alias, forward append_at_myorigin = yes append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m broken_sasl_auth_clients = no command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 3 default_privs = nobody default_process_limit = 100 default_recipient_limit = 200 disable_dns_lookups = no header_size_limit = 102400 html_directory = /usr/local/share/doc/postfix inet_interfaces = all inet_protocols = ipv4 local_recipient_maps = proxy:unix:passwd.byname $alias_maps mail_name = home-MTA mail_owner = postfix mail_version = 1.0 mailbox_size_limit = 0 mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydestination = $myhostname, localhost.$mydomain, localhost mydomain = home myhostname = server.home mynetworks = 127.0.0.0/8 mynetworks_style = subent myorigin = $myhostname newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = + resolve_numeric_domain = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_host_lookup = dns, native smtp_sasl_auth_enable = no smtp_tls_note_starttls_offer = yes smtpd_delay_reject = yes smtpd_enforce_tls = no smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_starttls_timeout = 300s smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes syslog_facility = mail syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name} tls_random_prng_update_period = 3600s tls_random_source = dev:/dev/urandom transport_maps = pgsql:/usr/local/etc/postfix/transport_maps unknown_local_recipient_reject_code = 550 virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps server [~]#
################# #################
server [~]# postfinger postfinger - postfix configuration on Thu Jul 8 20:32:40 CEST 2010 version: 1.30
Warning: postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it is your responsibility to modify the output to hide this private information. [Remove this warning with the --nowarn option.]
--System Parameters-- mail_version = 2.6.5 hostname = server.home uname = FreeBSD server.home 8.0-RELEASE FreeBSD 8.0-RELEASE #5: Tue Jun 22 20:48:20 CEST 2010 root@server.home:/usr/obj/usr/src/sys/home amd64
--Packaging information-- looks like this postfix comes from BSD package: postfix-2.6.5,1
--main.cf non-default parameters-- append_dot_mydomain = no biff = no bounce_queue_lifetime = 30m content_filter = smtp-amavis:[127.0.0.1]:10024 debug_peer_level = 3 default_recipient_limit = 200 mail_name = home-MTA mail_version = 1.0 mailbox_size_limit = 0 max_use = 10 maximal_queue_lifetime = 1h message_size_limit = 20971520 mydomain = home mynetworks = 127.0.0.0/8 mynetworks_style = subent recipient_delimiter = + smtp_host_lookup = dns, native smtp_tls_note_starttls_offer = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_tls_CAfile = /etc/ssl/smtp/smtpd.pem smtpd_tls_cert_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_key_file = /etc/ssl/smtp/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_use_tls = yes transport_maps = pgsql:/usr/local/etc/postfix/transport_maps virtual_alias_maps = pgsql:/usr/local/etc/postfix/virtual_alias_maps virtual_gid_maps = pgsql:/usr/local/etc/postfix/virtual_gid_maps virtual_mailbox_base = /usr/local/www/home virtual_mailbox_maps = pgsql:/usr/local/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot virtual_uid_maps = pgsql:/usr/local/etc/postfix/virtual_uid_maps
--master.cf-- smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
-- end of postfinger output -- server [~]#
################# #################
server [~]# cat /usr/local/etc/dovecot.conf
Network
protocols = imap imaps pop3 pop3s managesieve listen = * shutdown_clients = yes
Logging
#mail_debug = yes #auth_verbose = yes #auth_debug = yes #auth_debug_passwords = yes log_timestamp = "%b %d %H:%M:%S " syslog_facility = mail
SSL settings
ssl = yes ssl_cert_file = /etc/ssl/dovecot/cert.pem ssl_key_file = /etc/ssl/dovecot/key.pem #ssl_key_password = passphrase
Login processes
verbose_proctitle = yes login_user = dovecot login_greeting = home MailSystem
Mailbox locations and namespaces
Not being used since we use PGSQL Virtual
mail_location = maildir:/var/mail/%d/%n mail_privileged_group = mail
Mail processes
dotlock_use_excl = yes first_valid_uid = 2000 first_valid_gid = 2000
Mailbox handling optimizations
mailbox_idle_check_interval = 30
Maildir-specific settings
maildir_copy_with_hardlinks = yes
IMAP specific settings
protocol imap { #listen = *:143 #ssl_listen = *:993 login_executable = /usr/local/libexec/dovecot/imap-login mail_executable = /usr/local/libexec/dovecot/imap mail_plugins = quota imap_quota mail_plugin_dir = /usr/local/lib/dovecot/imap #imap_max_line_length = 65536 imap_client_workarounds = outlook-idle }
POP3 specific settings
protocol pop3 { #listen = *:110 #ssl_listen = *:995 login_executable = /usr/local/libexec/dovecot/pop3-login mail_executable = /usr/local/libexec/dovecot/pop3 pop3_lock_session = no pop3_uidl_format = %08Xu%08Xv mail_plugins = quota mail_plugin_dir = /usr/local/lib/dovecot/pop3 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh }
ManageSieve specific settings
protocol managesieve {
Login executable location.
#login_executable = /usr/local/libexec/dovecot/managesieve-login
ManageSieve executable location. See IMAPs mail_executable above for
examples how this could be changed.
#mail_executable = /usr/local/libexec/dovecot/managesieve
Maximum ManageSieve command line length in bytes. This setting is
directly borrowed from IMAP. But, since long command lines are very
unlikely with ManageSieve, changing this will not be very useful.
#managesieve_max_line_length = 65536
ManageSieve logout format string:
%i - total number of bytes read from client
%o - total number of bytes sent to client
#managesieve_logout_format = bytes=%i/%o
If, for some inobvious reason, the sieve_storage remains unset, the
ManageSieve daemon uses the specification of the mail_location to
find out
where to store the sieve files (see explaination in
README.managesieve). # The example below, when uncommented, overrides any global mail_location # specification and stores all the scripts in ~/mail/sieve if sieve_storage
is unset. However, you should always use the sieve_storage setting.
# mail_location = mbox:~/mail # To fool ManageSieve clients that are focused on timesieved you can
specify the IMPLEMENTATION capability that the dovecot reports to
clients
(default: "dovecot").
#managesieve_implementation_string = Cyrus timsieved v2.2.13
}LDA specific settings
protocol lda { postmaster_address = admin@server.home mail_plugins = sieve log_path = /var/log/dovecot-deliver.log info_log_path = /var/log/dovecot-deliver.log }
Authentication processes
auth_executable = /usr/local/libexec/dovecot/dovecot-auth auth_cache_size = 0 auth_cache_ttl = 3600 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu disable_plaintext_auth = yes
auth default { mechanisms = cram-md5 passdb sql { args = /usr/local/etc/dovecot-sql.conf } userdb sql { args = /usr/local/etc/dovecot-sql.conf } user = nobody socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } }
Plugin settings
plugin {
The location of the users active script:
sieve = ~/.dovecot.sieve
The include extension fetches the :personal scripts from this
directory. When ManageSieve is used, this is also where scripts
are uploaded.
#sieve_dir = ~/sieve
If the user has no personal active script (i.e. if the file
indicated in sieve= does not exist), use this one:
sieve_global_path = /usr/local/etc/dovecot/sieve/default.sieve
The include extension fetches the :global scripts from this
directory. Extension hamm wir nicht aktiviert.
#sieve_global_dir = /usr/local/etc/dovecot/sieve/global/
Scripts executed before the users script.
E.g. handling messages marked as dangerous
#sieve_before = /var/lib/dovecot/sieve/discard-virusses.sieve
Scripts executed after the users script (if keep is still in effect)
E.g. default mail filing rules.
#sieve_after = /var/lib/dovecot/sieve/after.d/
Quota Section
quota = maildir
}
dict { #quota = pgsql:/usr/local/etc/dovecot-dict-sql.conf } server [~]#
participants (7)
-
Anton Dollmaier
-
Jerry
-
Leander S.
-
Pascal Volk
-
Stan Hoeppner
-
Thomas Leuxner
-
Timo Sirainen