[Dovecot] INBOX permissios woes
Hello,
I have a dovecot system that uses winbind authentication
against Active Directory. I set it up by following the directions in the
wiki. That works great.
When a new user receives an email, the inbox
is created with permissions 600 (rw- --- --) and ownership user:mail ,
even though I did chmod 02770 /var/spool/mail. And then, when dovecot
tries to access the inbox, it throws the error:
Oct 29 13:47:59
imap-login: Info: Login: user=user1, method=PLAIN, rip=10.0.0.6,
lip=10.0.0.26, mpid=29047, secured
Oct 29 13:47:59 imap(user1): Error:
stat(/var/mail/user1) failed: Permission denied
Oct 29 13:47:59
imap(user1): Error: stat(/var/mail/user1) failed: Permission denied
Accessing users' Sent, Trash, creating new folders all that works
fine.
I've been looking at the documentation, reading the wiki,
searching on google, asking on IRC.
If you have any hint or
documentation that I've must have overlooked, please let me know.
Here's my dovecot information:
[josep@testmail ]$ dovecot
--version
2.0.9
[josep@testmail ]$ dovecot -n
# 2.0.9:
/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.11.1.el6.x86_64 x86_64
CentOS release 6.3 (Final)
auth_mechanisms = plain ntlm
login
auth_use_winbind = yes
auth_username_format = %Lu
base_dir =
/var/run/dovecot/
debug_log_path = /var/log/dovecot-debug.log
listen =
*
log_path = /var/log/dovecot.log
mail_location =
mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group =
mail
mbox_write_locks = fcntl
passdb {
driver = pam
}
protocols =
imap
service auth {
unix_listener auth-userdb {
mode = 0600
}
}
ssl_cert = /etc/pki/dovecot/certs/dovecot.pem
ssl_key =
/etc/pki/dovecot/private/dovecot.pem
userdb {
args = uid=503 gid=503
home=/home/vmail/%u
driver = static
}
userdb {
driver =
passwd
}
[josep@testmail ]$
Thank you in advance,
Josep
This transmission is intended for the use of the entity or individual to which
or whom it is addressed. The transmission or any documents accompanying the
transmission may contain confidential information. If you are not the intended
recipient, you are hereby notified that any disclosure, copying, distribution,
or action taken in reliance on the contents of the transmission or the
documents is strictly prohibited. If you have received this confidential
transmission in error, please destroy it and any accompanying documents and
notify the sender immediately. Thank you.
Re: [Dovecot] Upgrade path questions
On Wednesday 13 January 2010 03:14:42 pm Thomas M Goerger wrote: Hi, We are currently running Dovecot v1.1.6 on our servers, and are contemplating an upgrade to 1.2, or 2.0 soon. We are wondering how many organizations are still running a 1.1 version of Dovecot, and if anyone has any thoughts on this transition. Have you upgraded from 1.1 to 1.2? What are your experiences with this? Have you upgraded from 1.1 to 2.0 directly? What are your experiences this way? We are also running an environment with both mbox and maildir formats. How many of you are running similarly, or are running solely maildir or mbox? We're just looking to gather information going forward, and anything you might be able to contribute would be very helpful. Thanks! * Tom Goerger - Email/Unix System Administrator * * University of MinnesotaEmail: t...@umn.edu * Hi Tom, We are running 1.1.x (http://atrpms.net/dist/el4/dovecot-1.1.x/), after a recent upgrade from 0.99 on a CentOS 4 system. The upgrade went flawlessly after reading the wiki, asking a couple of questions here and testing first with a test system. Then I looked at 1.2. I saw there was some possible issues with our set up, so I went with the good old and tried 1.1.x instead. So far 1.1.x is has performed beautiful, so if it is not broken, no reason to fix it. Down the line, I'll plan to upgrade to 1.2.x , after 2.0.x is fully stable. Of course I'll need some time, no current projects in /dev/TODO and a good reason to change something that works just fine :-) Regards, Josep -- Josep L. Guallar-Esteve - IT Department - Eastern Radiologists, Inc. This transmission is intended for the use of the entity or individual to which or whom it is addressed. The transmission or any documents accompanying the transmission may contain confidential information. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of the transmission or the documents is strictly prohibited. If you have received this confidential transmission in error, please destroy it and any accompanying documents and notify the sender immediately. Thank you.
[Dovecot] Upgrading Dovecot on CentOS 4, from 0.99 to 1.x
Hello, We have a production mail server running dovecot 0.99 (dovecot-0.99.14-1.rf). We are getting several errors corrected in dovecot 1.x versions: * corrupted inboxes (garbage at beggining of mbox files), * corrupted index files (Error: Corrupted file index /home/jsmith/.imap/Drafts/.imap.index: Sequence 6 not found from binary tree (6 msgs says header)), * others (Error: fcntl() failed with mbox file /var/mail/jsmith: Resource deadlock avoided), etc. I'm planning to upgrade using the instructions found at dovecot's wiki. -- Josep L. Guallar-Esteve This transmission is intended for the use of the entity or individual to which or whom it is addressed. The transmission or any documents accompanying the transmission may contain confidential information. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of the transmission or the documents is strictly prohibited. If you have received this confidential transmission in error, please destroy it and any accompanying documents and notify the sender immediately. Thank you.
[Dovecot] Upgrading Dovecot on CentOS 4 from 0.99 to 1.x
(sorry for my previous message, I sent it by mistake before finishing it) Hello, We have a production mail server running dovecot 0.99 (dovecot-0.99.14-1.rf). We are getting several errors corrected in dovecot 1.x versions: * corrupted inboxes (garbage at beggining of mbox files), * corrupted index files (Error: Corrupted file index /home/jsmith/.imap/Drafts/.imap.index: Sequence 6 not found from binary tree (6 msgs says header)), * others (Error: fcntl() failed with mbox file /var/mail/jsmith: Resource deadlock avoided), etc. I'm planning to upgrade using the instructions found at dovecot's wiki. On http://atrpms.net/dist/el4/ it is offered in 3 different versions: * dovecot 1..0.15-1_73.el4 * dovecot 1.1.19-1_96.el4 * dovecot 1.2.5-0_100.el4 I have a separated test system, where I'll test upgrading from 0.99 to final selected version, to discover any possible gotchas found while upgrading. Two questions: 1. Which version is the recommended to upgrade? I'd like stability and as little problems as possible over anything else, as we have a simple set up. 2. What is the preferred upgrade method? straight upgrade? (099 - rpm -Fvh dovecot-1.2 ? Or upgrading one release at a time? (0.99 1.0 1.1 ...) Thank you in advance for any recommendation. Regards, Josep -- Josep L. Guallar-Esteve This transmission is intended for the use of the entity or individual to which or whom it is addressed. The transmission or any documents accompanying the transmission may contain confidential information. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of the transmission or the documents is strictly prohibited. If you have received this confidential transmission in error, please destroy it and any accompanying documents and notify the sender immediately. Thank you.
Re: [Dovecot] Enabling security on POP3 and IMAP
Hello Richard, Maybe the included .pem files are bad (expire, pointing to wrong server name or whatnot) I'd generate new .pem files. dovecot documentation points to mkcert.sh script. With this script you can generate your own certificate, after filling in the OpenSSL config file used by mkcert.sh. On my system, the script is located at /usr/libexec/dovecot/mkcert.sh and the configuration file is at: /etc/pki/dovecot/dovecot-openssl.cnf With the key and certificate generated this script, dovecot is happy to work with ssl (imaps i my case) Hope this helps, Josep On Thursday 24 September 2009 11:39:59 am Richard Hobbs wrote: Hello, Thanks again for your response... However, upon closer inspection, it seems that both /etc/ssl/certs/dovecot.pem and /etc/ssl/private/dovecot.pem already exist! I'm running Debian Lenny 5.0 btw - does anyone know if these keys were simply part of the dovecot package, or whether they have been generated during the installation process and are therefore unique? If they are unique, then I don't need to generate my own, perhaps? Thanks again, Richard. Christian Schmidt wrote: Hello Richard, Richard Hobbs, 10.09.2009 (d.m.y): Thanks for the advice - how do i generate ssl cert files and ssl key files? Just use OpenSSL. There's a short description of what to do on http://www.apache-ssl.org - or in any other OpenSSL Howto... Gruss/Regards, Christian Schmidt -- Josep L. Guallar-Esteve - IT Department This transmission is intended for the use of the entity or individual to which or whom it is addressed. The transmission or any documents accompanying the transmission may contain confidential information. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of the transmission or the documents is strictly prohibited. If you have received this confidential transmission in error, please destroy it and any accompanying documents and notify the sender immediately. Thank you.
