On 10/23/2012 9:06 PM, Bill Shirley wrote:
On 10/23/2012 4:52 PM, Troy Vitullo wrote:
Hi,
My server uses a system comprised of postfix, dovecot and dspam to
filter and deliver mail.
Postfix used the following flags in calling spamc and dovecot:
flags=DRhu user=dovecot:secmail argv=/usr/bin/spamc -u ${recipient}
-e /usr/lib/dovecot/deliver -d ${recipient}
after an upgrade from Debian lenny to squeeze we were able to get
everything working except spam filtering. Spamassassin is able to
judge whether the mail coming in is spam but everything stops there.
In mail.err I see:
pamc[3608]: exec failed: Permission denied
spamc shows the same thing in syslog:
exec failed: Permission denied
postfix delays the email:
postfix/pipe[3607]: 50DEFF180EE: to=<[mail]>, relay=dovecot,
delay=1.7, delays=0.07/0.01/0/1.6, dsn=4.3.0, status=deferred (system
resource problem)
Here are the permissions for deliver:
-rwsr-x--- 1 root dovecot 865084 May 25 2011 /usr/lib/dovecot/deliver
Here are the relevant groups:
s1:~# grep dovecot /etc/group
secmail:x:119:postfix,spamd,dovecot
dovecot:x:111:
here's the dovecot user:
s1:~# grep dovecot /etc/passwd
dovecot:x:108:111:Dovecot mail server,,,:/usr/lib/dovecot:/bin/false
here's dovecot -n:
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.26-2-686 i686 Debian 6.0.6
base_dir: /var/run/dovecot/
protocols: imap imaps pop3s pop3
ssl_cert_file: /etc/ssl/certs/s1.troyvit.com.cert
ssl_key_file: /etc/ssl/private/s1.troyvit.com.key
ssl_cipher_list: ALL:!LOW
disable_plaintext_auth: no
verbose_ssl: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_location: maildir:%h/Maildir/
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
pop3_enable_last(default): no
pop3_enable_last(imap): no
pop3_enable_last(pop3): yes
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls, oe-ns-eoh
pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_logout_format(pop3): top=%t/%T, retr=%r/%R, del=%d/%m, size=%s
namespace:
type: private
separator: /
inbox: yes
list: yes
subscriptions: yes
lda:
postmaster_address: postmaster@sphere.local
auth_socket_path: /var/run/dovecot/auth-master
mail_plugin_dir: /usr/lib/dovecot/modules/lda/
mail_plugins: sieve
auth default:
mechanisms: plain login
verbose: yes
debug: yes
debug_passwords: yes
passdb:
driver: pam
args: dovecot
passdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
userdb:
driver: passwd
userdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 438
user: dovecot
plugin:
sieve_global_path: /etc/dovecot/default.sieve
sieve: /srv/%d/mail/%n/%n.sieve
Many thanks in advance for any advice you can give.
Troy
What is your mailbox_command in main.cf? I just use:
mailbox_command = /usr/bin/spamc -u "$USER" -e
/usr/lib64/dovecot/deliver -a "$RECIPIENT" -f "$SENDER" -m "$EXTENSION"
I don't need anything in master.cf. But you should be using -u
${user} for spamc.
Bill
Forgot to ask, are you using Spamassassin's per-user configs? If you're
not, that probably is your problem. It's probably trying to update
bayes tokens and it doesn't have permission.
I use per-user configs which are nice. One man's spam is another man's
ham. Plus each user can have his/her own whitelist.
I use these spamd args: -d -c -m10 --user-config
You usually can find the args in /etc/sysconfig.
Bill