[Dovecot] Maildir parent directory permissions incorrect for new mailbox

2011-06-17 Thread Dominic Marks

Hi,

My issue is with the automatic creation of parent directories above new 
maildirs. It seems to be that they're being set with incorrect (or 
unhelpful) permissions, applying the permissions of the mailbox down the 
path towards the mailbox root, as opposed to taking the permissions of 
the mailbox root up towards the mailbox.


Our mail is stored under the scheme:

  location = maildir:/var/dovecot/mail/%d/%n:INDEX=/var/dovecot/index/%d/%n

Initially, /var/dovecot consists of acl, index and mail, all empty. The 
permissions on these are:


 ls -l
total 6
drwxrwxr-x  2 hmgp  hmgp  512 17 Jun 12:23 acl
drwxrwxr-x  3 hmgp  hmgp  512 17 Jun 15:56 index
drwxrwxr-x  3 hmgp  hmgp  512 17 Jun 15:56 mail

If I perform a mail delivery to my mailbox, the mailbox parent directory 
is created with the following permissions:


 ls -l
total 2
drwx--  3 dm  hmgp  512 17 Jun 15:56 insidetrading.co.uk

Note that the user ID is my own and the mode restricts all other access. 
When I perform a second delivery to different mailbox under that domain, 
one mapped to a different UID, the delivery fails because that user 
cannot access the parent folder in order to create the new maildir.


I've read on the Wiki that Dovecot copies permissions from the parent 
directory when adding new messages to a mailbox. That would suit my 
situation, but it doesn't happen here. Maybe there is a reason why 
this is the case?


I've had a look at the code and it works in the opposite direction, 
starting from the full path (with its associated mode, uid & gid) and 
working by removing a section from the right-hand side each time. For 
me, at least, it would be better if it started from the bottom and 
worked upwards, inheriting the parent uid, gid and mode until the 
mailbox directory, where the existing behaviour would be retained, 
looking like:


 ls -dl insidetrading.co.uk/dm
total 2
drwx--  5 dm  hmgp  512 17 Jun 15:56 dm

I know I could hold all our mail under a single uid/gid or I could fix 
the mode manually, but I'd rather not do either. Am I missing some key 
configuration detail or should I work on a patch for this?


Thanks,
Dominic

 dovecot -n
# 2.0.12: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.2-RELEASE amd64
auth_debug = yes
listen = *
mail_debug = yes
mail_plugins = acl
namespace {
  inbox = yes
  location = maildir:/var/dovecot/mail/%d/%n:INDEX=/var/dovecot/index/%d/%n
  prefix =
  separator = /
  type = private
}
namespace {
  list = children
  location = maildir:/var/dovecot/mail/%%d/%%n:INDEX=/var/dovecot/index/%%d/shared/%%n
  prefix = shared/%%n
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /usr/local/etc/dovecot/ldap.conf
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/dovecot/acl/%d/%n-shared.db
}
protocols = lmtp imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
service imap-login {
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl = required
ssl_ca = /usr/local/etc/ssl/cert/geotrust-all.pem
ssl_cert = /usr/local/etc/ssl/cert/mail.helenmarks.co.uk.pem
ssl_cipher_list = AES+HIGH
ssl_key = /usr/local/etc/ssl/private/mail.helenmarks.co.uk.key
userdb {
  args = /usr/local/etc/dovecot/ldap.conf
  driver = ldap
}
verbose_proctitle = yes
protocol imap {
  mail_plugins = acl imap_acl
}
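
The top-down creation order requested in the message above, as an added Python sketch (not Dovecot's code and not part of the original post): missing intermediate directories copy mode and gid from their parent, and only the final mailbox directory gets the restrictive mode. The function name, the `example.test` domain and the user names are hypothetical; uid inheritance is left out because changing the owner requires root.

```python
# Added illustration (not Dovecot code): create missing maildir parents top-down.
import os
import stat
import tempfile


def make_mailbox_dirs(root, rel_path, leaf_mode=0o700):
    """Create root/rel_path. Missing intermediate directories copy mode and
    gid from their parent; only the final mailbox directory gets leaf_mode."""
    parts = [p for p in rel_path.split("/") if p]
    parent, created = root, []
    for i, part in enumerate(parts):
        path = os.path.join(parent, part)
        if not os.path.isdir(path):
            pst = os.stat(parent)
            os.mkdir(path, 0o700)  # stay restrictive until the final mode is set
            try:
                os.chown(path, -1, pst.st_gid)  # inherit group, keep our uid
            except PermissionError:
                pass  # not a member of the parent's group; leave gid as created
            is_leaf = i == len(parts) - 1
            os.chmod(path, leaf_mode if is_leaf else stat.S_IMODE(pst.st_mode))
            created.append(path)
        parent = path
    return created


def demo():
    """Two deliveries under one domain; returns {relative path: mode}."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "mail")  # constructed stand-in for the mail root
        os.mkdir(root)
        os.chmod(root, 0o775)  # drwxrwxr-x, as in the listing above
        make_mailbox_dirs(root, "example.test/alice")  # hypothetical domain/user
        make_mailbox_dirs(root, "example.test/bob")
        rels = ("example.test", "example.test/alice", "example.test/bob")
        return {r: stat.S_IMODE(os.stat(os.path.join(root, r)).st_mode) for r in rels}


if __name__ == "__main__":
    for rel, mode in demo().items():
        print(f"{oct(mode)} {rel}")
```

Because the domain directory inherits a group-writable mode, any member of the group can rename or remove entries in it; a sticky bit set on the mail root is copied down by the same logic and limits that to each entry's owner.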



Re: [Dovecot] Maildir parent directory permissions incorrect for new mailbox

2011-06-17 Thread Dominic Marks

On 17/06/2011 18:16, e-frog wrote:
> On 17.06.2011 18:35, wrote Dominic Marks:
>
> Hi Dominic,
>
>> Initially, /var/dovecot consists of acl, index and mail, all empty. The
>> permissions on these are:
>>
>>  ls -l
>> total 6
>> drwxrwxr-x 2 hmgp hmgp 512 17 Jun 12:23 acl
>> drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 index
>> drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 mail
>>
>> If I perform a mail delivery to my mailbox, the mailbox parent directory
>> is created with the following permissions:
>>
>>  ls -l
>> total 2
>> drwx-- 3 dm hmgp 512 17 Jun 15:56 insidetrading.co.uk
>
> Blind guess:
> You are delivering the mail via postfix local and not via dovecot-lda
> or lmtp?




Hi e-frog,

Nope.

From my main.cf:

virtual_transport = lmtp:unix:private/dovecot-lmtp

From my maillog:

Jun 17 18:37:06 comms dovecot: lmtp(75348): Connect from local
Jun 17 18:37:06 comms dovecot: lmtp(75348, d...@insidetrading.co.uk): 8en+HVtz+01UJgEA+ZD7hg: msgid=20110617183706.04e3c3b...@mail.helenmarks.co.uk: saved mail to INBOX
Jun 17 18:37:06 comms postfix/lmtp[78285]: 04E3C3B618: to=d...@insidetrading.co.uk, relay=mail.helenmarks.co.uk[private/dovecot-lmtp], delay=0.1, delays=0.05/0.04/0/0.01, dsn=2.0.0, status=sent (250 2.0.0 d...@insidetrading.co.uk 8en+HVtz+01UJgEA+ZD7hg Saved)
Jun 17 18:37:06 comms dovecot: lmtp(75348): Disconnect from local: Client quit
Jun 17 18:37:06 comms postfix/qmgr[99310]: 04E3C3B618: removed

In fact, during my tests I invoked the lmtp binary under gdb so I could 
inspect its behaviour, but prior to that I'd been relaying through lmtp.


Thanks,
Dominic


Re: [Dovecot] Dovecot Authentication Problem - Help pls! - RESOLVED

2007-06-05 Thread Dominic Marks
Odhiambo WASHINGTON wrote:
> * On 04/06/07 16:27 +0300, Wash wrote:
> | * On 04/06/07 15:16 +0300, Timo Sirainen wrote:
> | | On Mon, 2007-06-04 at 09:02 +0300, Odhiambo WASHINGTON wrote:
> | | > I have built and manually copied dovecot-auth to the install destination
> | | > and now it is not stripped. Now this is the result of the debug:
> | | ..
> | | > #0  0x805d848 in sql_query_get_result ()
> | | > (gdb) bt
> | |
> | | Now this backtrace looks correct, but it's still stripped. Otherwise it
> | | would have shown parameters inside the ().
> |
> | Oh, so do I need to build everything unstripped? That would be difficult
> | when using the ports.
> |

Let me help you then! :-)

cd /usr/ports/mail/dovecot && make CFLAGS+=-g STRIP= install

Will install an unstripped Dovecot.  If you use portupgrade you can set
these as MAKE_ARGS in pkgtools.conf if you want to always have one
available.

Dominic


Re: [Dovecot] .imap files

2007-05-09 Thread Dominic Marks
L. Scott Loftin wrote:
> Thanks for the quick answers.  My problem isn't about new email now showing
> up after the FC4--FC6 upgrade.  It's about trying to get to old email (that
> existing under FC4 (Dovecot 0.99.14) not being accessible in any way under
> FC6 (Dovecot 1.0.0).  If I delete the .imap.* files from 0.99.14, I lose all
> the old email in the folders.
>
> Email under 1.0.0 is working perfectly (new mail shows up and is perfectly
> readable by the client).  I just need to find a way to get back to the old
> email from 0.99.14's .imap* files.

You can't.  That is not where the mail is stored.

Dominic


Re: [Dovecot] v1.0.0 released

2007-04-13 Thread Dominic Marks
On Fri, 13 Apr 2007 15:04:23 +0300
Timo Sirainen [EMAIL PROTECTED] wrote:

> http://dovecot.org/releases/dovecot-1.0.0.tar.gz
> http://dovecot.org/releases/dovecot-1.0.0.tar.gz.sig
>
> It took almost 5 years, but it's finally ready. I'm not expecting to
> release v1.0.1 anytime soon, unless someone's been sitting on a major
> bug just waiting for v1.0 to be released. :)

Now that you mention it.

Thanks & Congratulations!!

Dominic


Re: [Dovecot] dovecot-ldap for active directory 2003 r2

2007-03-30 Thread Dominic Marks
On Thu, 29 Mar 2007 17:15:51 -0300
Claudio Roberto Prateat [EMAIL PROTECTED] wrote:

> Hi,
>
> You have example of the dovecot-ldap.conf for authenticate in active
> directory 2003 r2 ?
>
> I have squid, apache authenticate in active directory, but dovecot return
> failed.
>
> Help, please...

Let's see your configuration and the error message then.

> Best regards !

PS. Reply to the list, not to me.

Dominic