Re: [Dovecot] Unable to get Dovecot LDA/deliver working
On 19.7.2010, at 22.59, Frank van Amsterdam wrote:
> Scenario 1
>
> -rwsr-xr-x 1 root root 870720 mrt 18 17:54 /usr/lib/dovecot/deliver
>
> Scenario 2
>
> -rwsr-xr-x 1 root root 870720 mrt 18 17:54 /usr/lib/dovecot/deliver
None of these are what http://wiki.dovecot.org/LDA#multipleuids tells you to do.
> Scenario 3
>
> I've changed /etc/sudoers
>
> Defaults:dovelda !syslog
> mail ALL=NOPASSWD:/usr/lib/dovecot/deliver
>
> And I've also changed /etc/postfix/master.cf
>
> dovecot unix - n n - - pipe
> flags=DRhu user=mail:mail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f
> ${sender} -d ${user}
>
> It looks like this is working for me. Is it secure enough?
Well, I'd use a dedicated user rather than "mail", just in case there is
something else also running as mail.
Re: [Dovecot] Unable to get Dovecot LDA/deliver working
I've been trying a few scenario's.
Scenario 1
I changed the file rights on deliver.
-rwsr-xr-x 1 root root 870720 mrt 18 17:54 /usr/lib/dovecot/deliver
from /var/log/mail.log
Jul 19 16:37:03 h1690641 postfix/pipe[15686]: 3195B9C8934:
to=, orig_to=,
relay=dovecot, delay=0.03, delays=0.03/0/0/0.01, dsn=4.3.0, status=deferred
(temporary failure. Command output: pipe: fatal: pipe_command: execvp
/usr/lib/dovecot/deliver: Permission denied )
Scenario 2
I changed the file rights on deliver again.
-rwsr-xr-x 1 root root 870720 mrt 18 17:54 /usr/lib/dovecot/deliver
from /var/log/mail.log
Jul 19 16:40:38 h1690641 postfix/pipe[17735]: A56E79C8936:
to=, orig_to=,
relay=dovecot, delay=0.07, delays=0.03/0.01/0/0.03, dsn=4.3.0,
status=deferred (temporary failure)
from /var/log/dovecot.log
2010-07-19 16:40:38 deliver(test): Fatal: setgid(55228) failed with
euid=8(mail), gid=8(mail), egid=8(mail): Operation not permitted (This
binary should probably be called with process group set to 55228 instead of
8(mail))
Scenario 3
I've changed /etc/sudoers
Defaults:dovelda !syslog
mail ALL=NOPASSWD:/usr/lib/dovecot/deliver
And I've also changed /etc/postfix/master.cf
dovecot unix - n n - - pipe
flags=DRhu user=mail:mail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f
${sender} -d ${user}
It looks like this is working for me. Is it secure enough?
Best, Frank
--
From: "Timo Sirainen"
Sent: Monday, July 19, 2010 1:48 AM
To: "Frank van Amsterdam"
Cc:
Subject: Re: [Dovecot] Unable to get Dovecot LDA/deliver working
On 19.7.2010, at 0.42, Frank van Amsterdam wrote:
2010-07-18T03:15:55.870734+02:00 h1690529 postfix/pipe[20360]:
CC8F2AEC087: to=, relay=dovecot, delay=0.03,
delays=0.01/0.01/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
I don't have any clue what this warning/error means.
It means you haven't found the real error message.
http://wiki.dovecot.org/LDA#logging
Re: [Dovecot] Unable to get Dovecot LDA/deliver working
On 19.7.2010, at 0.42, Frank van Amsterdam wrote: > 2010-07-18T03:15:55.870734+02:00 h1690529 postfix/pipe[20360]: CC8F2AEC087: > to=, relay=dovecot, delay=0.03, delays=0.01/0.01/0/0.01, > dsn=4.3.0, status=deferred (temporary failure) > > I don't have any clue what this warning/error means. It means you haven't found the real error message. http://wiki.dovecot.org/LDA#logging
Re: [Dovecot] Unable to get Dovecot LDA/deliver working
I've added some more information. This is the error.
2010-07-18T03:15:55.870734+02:00 h1690529 postfix/pipe[20360]: CC8F2AEC087:
to=, relay=dovecot, delay=0.03, delays=0.01/0.01/0/0.01,
dsn=4.3.0, status=deferred (temporary failure)
I don't have any clue what this warning/error means.
I was 'playing' with /etc/postfix/master.cf.
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d
${us...@${nexthop}
I've tried several parameters like -d , -m or -d
${user}.
2010-07-18T03:43:27.569493+02:00 h1690529 postfix/pipe[3723]: 81238AEC087:
to=, relay=dovecot, delay=0.04, delays=0.01/0.01/0/0.01,
dsn=2.0.0, status=sent (delivered via dovecot service)
It looks like it was delivered properly, but it wasn't. I was written to
/home/vmail/Maildir instead of /home/vmail/test/Maildir. All incoming e-mail
was delivered to /home/vmail/Maildir if i used deliver -d -m
My LDAP tree looks like this and it's very simple.
dc=domain,dc=com
+contacts (Thunderbird contacts)
+groups (mainly Posix groups for applications)
+users (real users and mailing lists)
So the DN of the user 'test' is uid=test,ou=users,dc=domain,dc=com
I want e-mail sent to t...@domain.com or for example test.test.t...@domain
being delivered in the maildir of the user 'test'.
I'm almost sure it has something to do with the deliver parameters. What can
it be?
I'm planning to build a new server. I've done it before. Everytime I make
the same mistake again. That's something what I want to prevent.
Thanks again in advance,
Frank
--
From: "Daniel Luttermann"
Sent: Sunday, July 18, 2010 8:55 PM
To:
Subject: Re: [Dovecot] Unable to get Dovecot LDA/deliver working
Frank van Amsterdam wrote on 18.07.2010:
I want to setup Dovecot LDA, but I don't understand what I'm doing
anymore.
I have to note that I'm a Linux beginner. I've been trying now for
several
months and I'm about to give up. Till so far I'm having no result. :-(
My current setup is done as described at http://www.linuxmail.info. We
use
Postfix 2.3.3 (with Postgrey, Spamassassin and ClamAV), Dovecot 1.2.11
and
OpenLDAP 2.4.1 on CentOS 5.5. All incoming e-mail are delivered by
Postfix
in the users' maildir. We use this as a base for SOGo, our groupware
solution and it runs smoothly.
I have to setup a new mailserver, because we're standardising on Debian.
My
employer wants to have new functions like out-of-office-replies and
forwarding. I want to make use of sieve. Unfortunately I don't know
anyone
who can help me.
If you would like to use Sieve you should use the Dovecot LDA instead
of the Postfix LDA "virtual". You can also use the ManageSieve service
so that users can create their own Sieve scripts. Some clients
supports it like Horde Ingo, Thunderbird with plugin...
When you use Debian (Lenny) you should use Dovecot from backports
(current: 1.2.11) instead of the stable repository.
The Postfix version that comes with Debian Lenny (2.5.5) is OK so it's
not needed to update.
I think the easiest way to implement the Dovecot LDA is to use
virtual_transport or transport_maps if you use "virtual" users or
within mailbox_command for system users - but this depends on your
environment/configuration.
My problem is that I don't understand how the delivery process is
working.
I've read much documentation from Postfix and Dovecot, but I find it too
difficult to understand.
Hmm, there's not much to say about that... If you use virtual_tranport
or transport_maps then Postfix sends the mail to the Dovecot LDA. The
Dovecot LDA handles further delivery of the mail.
What do I understand? I know that I have to make changes in /etc/dovecot,
/etc/postfix/main.cf and /etc/postfix/master.cf as described at
http://wiki.dovecot.org/LDA.
For Postfix all relevant informations are here:
http://wiki.dovecot.org/LDA/Postfix
--
Daniel
Re: [Dovecot] Unable to get Dovecot LDA/deliver working
Frank van Amsterdam wrote on 18.07.2010: > I want to setup Dovecot LDA, but I don't understand what I'm doing anymore. > I have to note that I'm a Linux beginner. I've been trying now for several > months and I'm about to give up. Till so far I'm having no result. :-( > My current setup is done as described at http://www.linuxmail.info. We use > Postfix 2.3.3 (with Postgrey, Spamassassin and ClamAV), Dovecot 1.2.11 and > OpenLDAP 2.4.1 on CentOS 5.5. All incoming e-mail are delivered by Postfix > in the users' maildir. We use this as a base for SOGo, our groupware > solution and it runs smoothly. > I have to setup a new mailserver, because we're standardising on Debian. My > employer wants to have new functions like out-of-office-replies and > forwarding. I want to make use of sieve. Unfortunately I don't know anyone > who can help me. If you would like to use Sieve you should use the Dovecot LDA instead of the Postfix LDA "virtual". You can also use the ManageSieve service so that users can create their own Sieve scripts. Some clients supports it like Horde Ingo, Thunderbird with plugin... When you use Debian (Lenny) you should use Dovecot from backports (current: 1.2.11) instead of the stable repository. The Postfix version that comes with Debian Lenny (2.5.5) is OK so it's not needed to update. I think the easiest way to implement the Dovecot LDA is to use virtual_transport or transport_maps if you use "virtual" users or within mailbox_command for system users - but this depends on your environment/configuration. > My problem is that I don't understand how the delivery process is working. > I've read much documentation from Postfix and Dovecot, but I find it too > difficult to understand. Hmm, there's not much to say about that... If you use virtual_tranport or transport_maps then Postfix sends the mail to the Dovecot LDA. The Dovecot LDA handles further delivery of the mail. > What do I understand? I know that I have to make changes in /etc/dovecot, > /etc/postfix/main.cf and /etc/postfix/master.cf as described at > http://wiki.dovecot.org/LDA. For Postfix all relevant informations are here: http://wiki.dovecot.org/LDA/Postfix -- Daniel
Re: [Dovecot] Unable to get Dovecot LDA/deliver working
On Sun, 18 Jul 2010 19:37:01 +0200
Frank van Amsterdam articulated:
{snip}
Next time, post the output of:
postconf -n
dovecot -n
Please include log entries to show what your problem is.
BTW, your version of Postfix is seriously deprecated. Would it be
possible to update to the latest stable version before continuing with
this venture?
--
Jerry ✌
dovecot.u...@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
[Dovecot] Unable to get Dovecot LDA/deliver working
I want to setup Dovecot LDA, but I don't understand what I'm doing anymore. I have to note that I'm a Linux beginner. I've been trying now for several months and I'm about to give up. Till so far I'm having no result. :-( My current setup is done as described at http://www.linuxmail.info. We use Postfix 2.3.3 (with Postgrey, Spamassassin and ClamAV), Dovecot 1.2.11 and OpenLDAP 2.4.1 on CentOS 5.5. All incoming e-mail are delivered by Postfix in the users' maildir. We use this as a base for SOGo, our groupware solution and it runs smoothly. I have to setup a new mailserver, because we're standardising on Debian. My employer wants to have new functions like out-of-office-replies and forwarding. I want to make use of sieve. Unfortunately I don't know anyone who can help me. My problem is that I don't understand how the delivery process is working. I've read much documentation from Postfix and Dovecot, but I find it too difficult to understand. What do I understand? I know that I have to make changes in /etc/dovecot, /etc/postfix/main.cf and /etc/postfix/master.cf as described at http://wiki.dovecot.org/LDA. /etc/dovecot.conf # OS: Linux 2.6.18-028stab064.7 i686 CentOS release 5.5 (Final) reiserfs base_dir: /var/run/dovecot/ protocols: imap imaps pop3 pop3s managesieve ssl: no version_ignore: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login mail_location: maildir:/home/vmail/%u/Maildir mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): managesieve_logout_format(default): bytes=%i/%o managesieve_logout_format(imap): bytes=%i/%o managesieve_logout_format(pop3): bytes=%i/%o managesieve_logout_format(managesieve): bytes ( in=%i : out=%o ) lda: postmaster_address: postmas...@domain.nl mail_plugins: cmusieve mail_plugin_dir: /usr/lib/dovecot/lda deliver_log_format: msgid=%m: %$ -- FROM=%f SUBJECT=%s log_path: /var/log/dovecot-deliver.log info_log_path: /var/log/dovecot-deliver.log syslog_facility: mail sendmail_path: /usr/lib/sendmail rejection_subject: Rejected: %s rejection_reason: Your message to <%t> was automatically rejected:%n%r auth_socket_path: /usr/local/var/run/dovecot-auth-master auth default: mechanisms: plain login username_format: %Lu passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: static args: uid=500 gid=500 home=/home/vmail/%u socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail plugin: sieve: /var/sieve-scripts/%u.sieve sieve_dir: %h/sieve sieve_global_dir: /var/lib/dovecot/sieve/global/ /etc/postfix/main.cf virtual_mailbox_domains = /etc/postfix/domains ## Plain text file with the domains virtual_mailbox_base = /home/vmail virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf virtual_alias_maps = ldap:/etc/postfix/ldap-groups.cf virtual_uid_maps = static:500 virtual_gid_maps = static:500 dovecot_destination_recipient_limit = 1 #virtual_transport = dovecot ## Commented out to deliver by Postfix /etc/postfix/ldap-users.cf server_host = localhost search_base = dc=domain,dc=com version = 3 query_filter = (&(objectclass=mailUser)(mail=%s)) result_attribute = uid result_format = %s/Maildir/ /etc/postfix/ldap-groups.cf server_host = localhost search_base = dc=domain,dc=com version = 3 query_filter = (&(objectclass=mailGroup)(mail=%s)) leaf_result_attribute = mail special_result_attribute = member /etc/postfix/master.cf dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -d I hope someone can help me, because many people on the internet say that it is easy. If anyone needs more information or anyone can help me, please contact me. Best, Frank --- LS: I know that I'm using Hotmail, but I want to post this anonymously.
