Hello all,
I am new to the mailing list and I'm in the process of setting up a
LAMP + mail server. I have configured my MTA (Postfix) to deliver
messages to:
/var/spool/mail/vhosts/domain.tld/name
I have configured Dovecot as follows:
--
# 1.2.2: /usr/local/etc/dovecot.conf
protocols: imap imaps pop3
ssl: no
disable_plaintext_auth: no
login_dir: /usr/local/var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
mail_privileged_group: mail
mail_location: mbox:/var/spool/mail/vhosts/%d:INBOX=/var/spool/mail/vhosts/%d/%n
mail_debug: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
lda:
postmaster_address: postmaster at example.com
auth default:
debug: yes
passdb:
driver: passwd-file
args: /etc/passwd.dovecot
userdb:
driver: passwd
--
Password excepted, my passwd.dovecot file containing a single virtual
user looks like:
richard:{plain}password:504:505::/home/vmail
The uid/gid is the same as used by Postfix (a dedicated vmail
user/group). That user/group owns the mbox I am trying to manipulate
in this example. When I attempt to login via telnet on port 110 I get
the error:
+OK Dovecot ready.
user richard at richardaharwood.com
+OK
pass password
-ERR Authentication failed.
It seems to dislike the fact I specify the domain as part of the login
username. If I repeat and login as: user richard - I am authenticated,
however I get the error:
-ERR [IN-USE] Couldn't open INBOX: Internal error occurred. Refer to
server log for more information.
Tailing the maillog, I see the following:
Aug 8 17:19:01 richardaharwood dovecot: auth(default): client in:
AUTH 1 PLAIN service=pop3 secured lip=83.170.110.193
rip=83.170.110.193 lport=110 rport=58115 resp=<hidden>
Aug 8 17:19:01 richardaharwood dovecot: auth(default):
passwd-file(richard,83.170.110.193): lookup: user=richard
file=/etc/passwd.dovecot
Aug 8 17:19:01 richardaharwood dovecot: auth(default): client out: OK
1 user=richard
Aug 8 17:19:01 richardaharwood dovecot: auth(default): master in:
REQUEST 4 3603 1
Aug 8 17:19:01 richardaharwood dovecot: auth(default):
passwd(richard,83.170.110.193): lookup
Aug 8 17:19:01 richardaharwood dovecot: auth(default): master out:
USER 4 richard system_groups_user=richard uid=500
gid=500 home=/home/richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Effective
uid=500, gid=500, home=/home/richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): mbox:
data=/var/spool/mail/vhosts/:INBOX=/var/spool/mail/vhosts//richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): fs:
root=/var/spool/mail/vhosts, index=, control=,
inbox=/var/spool/mail/vhosts//richard
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard):
open(/var/spool/mail/vhosts//richard) failed: Permission denied
(euid=500(richard) egid=500(richard) missing +x perm:
/var/spool/mail/vhosts/)
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Couldn't open
INBOX: Internal error occurred. Refer to server log for more
information. [2009-08-08 17:19:01]
Aug 8 17:19:01 richardaharwood dovecot: POP3(richard): Couldn't open
INBOX top=0/0, retr=0/0, del=0/0, size=0
Aug 8 17:19:01 richardaharwood dovecot: pop3-login: Login:
user=<richard>, method=PLAIN, rip=83.170.110.193, lip=83.170.110.193,
secured
Assuming I could login with richard at richardaharwood.com, I should
imagine Dovecot will successfully find the inbox, which is located at
/var/spool/mail/vhosts/richardaharwood.com/richard in this example.
I also notice the effective uid/gid is not that specified in the
passwd file? The uid/gid appears to be that of my own ssh account
which is not connected to the mail account that I wish to simply
access as a virtual user. Would anyone be kind enough to point me in
the right direction?
In a nutshell, where am I going wrong with my authentication? This is
a basic setup for the time being, until I get my head around it, but
any pointers would be really appreciated. Have spent quite a few hours
but I don't feel much closer to getting to the bottom of it! :)
Many thanks,
Richard
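
Added example, not part of the original post: a small Python check that expands the posted mail_location for a given login and compares the uid/gid/home in the passwd-file entry with what the log shows the POP3 process running as. It assumes Dovecot's documented meaning of %u, %n and %d, re-joins the wrapped log lines from the post, and writes the login with "@" where the archive shows " at "; the function names are hypothetical.

```python
import re

# Values copied from the post; log lines are re-joined from its wrapped text.
MAIL_LOCATION = "mbox:/var/spool/mail/vhosts/%d:INBOX=/var/spool/mail/vhosts/%d/%n"
PASSWD_FILE_LINE = "richard:{plain}password:504:505::/home/vmail"
LOG_LINES = [
    "dovecot: auth(default): master out: USER 4 richard system_groups_user=richard uid=500 gid=500 home=/home/richard",
    "dovecot: POP3(richard): Effective uid=500, gid=500, home=/home/richard",
    "dovecot: POP3(richard): mbox: data=/var/spool/mail/vhosts/:INBOX=/var/spool/mail/vhosts//richard",
]

def expand(template, login):
    """Expand %u (full login), %n (user part) and %d (domain part, may be empty)."""
    user, _, domain = login.partition("@")
    values = {"u": login, "n": user, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)

def parse_passwd_file(line):
    """passwd-file entry: user:password:uid:gid:gecos:home[:shell[:extra]]."""
    user, _pw, uid, gid, _gecos, home = (line.strip().split(":") + [""] * 6)[:6]
    return {"user": user, "uid": int(uid), "gid": int(gid), "home": home}

def effective_ids(log_lines):
    """Return the uid/gid/home the mail process actually ran with, per the log."""
    for line in log_lines:
        m = re.search(r"Effective uid=(\d+), gid=(\d+), home=(\S+)", line)
        if m:
            return {"uid": int(m.group(1)), "gid": int(m.group(2)), "home": m.group(3)}
    return None

def diagnose(login, passwd_line=PASSWD_FILE_LINE, log_lines=LOG_LINES):
    """List mismatches between what the config intends and what the log shows."""
    findings = []
    _user, _, domain = login.partition("@")
    if not domain:
        findings.append("no domain in login: %d expands to '' -> " + expand(MAIL_LOCATION, login))
    want, got = parse_passwd_file(passwd_line), effective_ids(log_lines)
    for key in ("uid", "gid", "home"):
        if got and want[key] != got[key]:
            findings.append(f"{key}: passwd-file has {want[key]}, process ran with {got[key]}")
    return findings

if __name__ == "__main__":
    for login in ("richard", "richard@richardaharwood.com"):
        print(login, "->", expand(MAIL_LOCATION, login))
        for finding in diagnose(login):
            print("  ", finding)
```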