Le 1 août 2013 à 15:43, Felix Rubio Dalmau a écrit : > [...] > > Nevertheless, if I remove the segments "'vmail' AS uid, 'vmail' AS gid" and > modify the file conf.d/10-mail.conf to show > > mail_uid = vmail > mail_gid = vmail > > I get this error: > > dovecot: auth: Error: userdb(<mail>): client doesn't have lookup > permissions for this user: userdb reply doesn't contain uid (change userdb > socket permissions) > > Does anybody know what is wrong in my set-up?
Hello Felix, Yes and no... This still remains a bit unclear to me, but you could try something like this: service auth { unix_listener auth-userdb { # default: user = $default_internal_user group = vmail # default: group = mode = 0660 # default: mode = 0666 } } The code has some provisions to avoid the auth-userdb to be too widely open, in spite of that default mode 0666. Changing that mode short-circuits those provisions, and the above is the most secure setting I could think of in the case of a single uid/gid setup. HTH, Axel