I googled around looking for this, apparantly my google-fu is failing this
morning. I just switched over to using a Postfix/Dovecot virtual set-up
with Dovecot as the delivery agent. One of my users mistyped his email
address when he paid for something through Paypal and the reciept got
forwarded to everyone. It didn't bounce or just go to Postmaster, it was
delivered to every valid user on the system.
Below is my conf comments stripped:
base_dir= /var/run/dovecot/
login_process_per_connection = no
max_mail_processes = 2048
mail_process_size = 1024
protocols = imap imaps pop3 pop3s
shutdown_clients = yes
log_path = /var/log/dovecot
info_log_path = /var/log.dovecot.info
log_timestamp = "%b %d %H:%M:%S "
ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
ssl_disable = no
disable_plaintext_auth = no
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_greeting = Dovecot ready
mail_location = maildir:/home/vmail/%d/%n
mmap_disable = no
valid_chroot_dirs = /var/spool/mail
protocol lda {
postmaster_address = kat at amtpolitics.com
log_path = /home/vmail/dovecot-deliver.log
# UNIX socket path to master auth server to find users:
auth_socket_path = /var/run/dovecot/auth-master
# Enabling Sieve plugin for server-side mail filtering
# Will be handy for Spam - will be implemented later.
#mail_plugins = cmusieve
#global_script_path = /home/vmail/globalsieverc
}
protocol imap {
login_executable = /usr/lib/dovecot/imap-login
mail_executable = /usr/lib/dovecot/imap
}
protocol pop3 {
login_executable = /usr/lib/dovecot/pop3-login
mail_executable = /usr/lib/dovecot/pop3
pop3_uidl_format = %08Xu%08Xv
}
auth_executable = /usr/lib/dovecot/dovecot-auth
auth_verbose = yes
auth_debug = yes
auth default_with_listener {
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
}
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
mechanisms = plain login
passdb sql {
# Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for
example
args = /etc/dovecot/dovecot-sql.conf
}
userdb static {
args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}
}
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
login_process_size = 64
namespace private {
separator = .
prefix = INBOX.
inbox = yes
}
And here's the mail.log from a test message that I sent out:
Mar 16 09:52:46 byron postfix/smtpd[24082]: C75E84F006D:
client=unknown[xxx.xx.xxx.xx], sasl_method=LOGIN,
sasl_username=kat at amtpolitics.com
Mar 16 09:52:46 byron postfix/cleanup[24085]: C75E84F006D:
message-id=<46497375E9264D2BA3BFB31BE37918BC at Kat>
Mar 16 09:52:46 byron postfix/qmgr[19409]: C75E84F006D:
from=<kat at amtpolitics.com>, size=887, nrcpt=10 (queue active)
Mar 16 09:52:47 byron postfix/smtpd[24082]: disconnect from
unknown[216.70.186.80]
Mar 16 09:52:47 byron postfix/pipe[24096]: C75E84F006D:
to=<xxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.27, delays=0.2/0.01/0/0.06, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24092]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.27, delays=0.2/0.01/0/0.07, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24107]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.3, delays=0.2/0.04/0/0.06, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24098]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.3, delays=0.2/0.02/0/0.08, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24102]: C75E84F006D:
to=<kat at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.3, delays=0.2/0.03/0/0.08, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24086]: C75E84F006D:
to=<xxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.31, delays=0.2/0/0/0.1, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24094]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.31, delays=0.2/0.01/0/0.09, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24105]: C75E84F006D:
to=<xxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.31, delays=0.2/0.03/0/0.07, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24109]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.31, delays=0.2/0.04/0/0.06, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/pipe[24101]: C75E84F006D:
to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at
amtpolitics.com>,
relay=dovecot, delay=0.33, delays=0.2/0.02/0/0.1, dsn=2.0.0, status=sent
(delivered via dovecot service)
Mar 16 09:52:47 byron postfix/qmgr[19409]: C75E84F006D: removed
Thanks for any help,
Kat
On 3/16/2009, Kat Wisnosky (kat at advancedmicrotargeting.com) wrote:> Below is my conf comments stripped:output of dovecot -n is preferred...
On Mon, 2009-03-16 at 10:35 -0700, Kat Wisnosky wrote:> And here's the mail.log from a test message that I sent out:..> Mar 16 09:52:47 byron postfix/pipe[24096]: C75E84F006D: > to=<xxxx at amtpolitics.com>, orig_to=<nonexistantemail at amtpolitics.com>, > relay=dovecot, delay=0.27, delays=0.2/0.01/0/0.06, dsn=2.0.0, status=sent > (delivered via dovecot service) > Mar 16 09:52:47 byron postfix/pipe[24092]: C75E84F006D: > to=<xxxxx at amtpolitics.com>, orig_to=<nonexistantemail at amtpolitics.com>, > relay=dovecot, delay=0.27, delays=0.2/0.01/0/0.07, dsn=2.0.0, status=sent > (delivered via dovecot service).. So Postfix delivers bounces to everyone by calling Dovecot LDA separately for each bounce? Looks like a Postfix configuration problem to me. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20090316/bdceb6ad/attachment-0002.bin>
Timo wrote:> So Postfix delivers bounces to everyone by calling Dovecot LDA > separately for each bounce? Looks like a Postfix configuration problem > to me.I should have been more specific... because we'd also changed domain names at the time we moved over to using Dovecot as the LDA, I temporarily disabled automatically bouncing mail addressed to invalid users because I figured that we'd have at least one who decided that they didn't want the standard formation of email addresses... What I'd wanted to happen was for Postfix to accept the message(s) and then for them to be delivered to the postmaster address so that I could address the issue. I'm still unsure as to why, when Dovecot couldn't find the user in the tables, it copied the message to every user of the system - that seems like odd behavior, which indicates that even though the system is "working", I need to fine-tune something. And at Charles request, here's the output of dovecot -n: # 1.0.10: /etc/dovecot/dovecot.conf base_dir: /var/run/dovecot/ log_path: /var/log/dovecot info_log_path: /var/log.dovecot.info protocols: imap imaps pop3 pop3s disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_greeting: Dovecot ready login_process_per_connection: no valid_chroot_dirs: /var/spool/mail max_mail_processes: 2048 mail_location: maildir:/home/vmail/%d/%n mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_process_size: 1024 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds: delay-newmail outlook-idle netscape-eoh pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv pop3_client_workarounds: outlook-no-nuls oe-ns-eoh namespace: type: private separator: . prefix: INBOX. inbox: yes auth default_with_listener: mechanisms: plain login verbose: yes debug: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: static args: uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail
Kat Wisnosky wrote, On 3/16/09 1:35 PM:> > I googled around looking for this, apparantly my google-fu is failing this > morning. I just switched over to using a Postfix/Dovecot virtual set-up > with Dovecot as the delivery agent. One of my users mistyped his email > address when he paid for something through Paypal and the reciept got > forwarded to everyone. It didn't bounce or just go to Postmaster, it was > delivered to every valid user on the system. > > Below is my conf comments stripped:Dovecot config is irrelevant. This is a Postfix configuration issue. You've provided the proof of that:> And here's the mail.log from a test message that I sent out: > Mar 16 09:52:46 byron postfix/smtpd[24082]: C75E84F006D: > client=unknown[xxx.xx.xxx.xx], sasl_method=LOGIN, > sasl_username=kat at amtpolitics.com > Mar 16 09:52:46 byron postfix/cleanup[24085]: C75E84F006D: > message-id=<46497375E9264D2BA3BFB31BE37918BC at Kat> > Mar 16 09:52:46 byron postfix/qmgr[19409]: C75E84F006D: > from=<kat at amtpolitics.com>, size=887, nrcpt=10 (queue active)That says that the message from you had 10 recipients as Postfix was queueing it, *BEFORE* it tried any delivery. It is not possible for the Dovecot LDA to be involved in whatever caused the message to have 10 recipients. If you cannot figure out why that is happening from looking at your Postfix config, I would suggest a visit to the Postfix Users' list.
> Date: Wed, 18 Mar 2009 00:31:32 -0400 > From: Bill Cole <dovecot-20061108 at billmail.scconsult.com> > Subject: Re: [Dovecot] Dovecot LDA and "undeliverable" emails > To: Dovecot Mailing List <dovecot at dovecot.org> > Message-ID: <49C07924.7080707 at billmail.scconsult.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Kat Wisnosky wrote, On 3/16/09 1:35 PM: >> >> I googled around looking for this, apparantly my google-fu is failing >> this >> morning. I just switched over to using a Postfix/Dovecot virtual set-up >> with Dovecot as the delivery agent. One of my users mistyped his email >> address when he paid for something through Paypal and the reciept got >> forwarded to everyone. It didn't bounce or just go to Postmaster, it was >> delivered to every valid user on the system. >> >> Below is my conf comments stripped: > > Dovecot config is irrelevant. This is a Postfix configuration issue. > You've > provided the proof of that: > > >> And here's the mail.log from a test message that I sent out: >> Mar 16 09:52:46 byron postfix/smtpd[24082]: C75E84F006D: >> client=unknown[xxx.xx.xxx.xx], sasl_method=LOGIN, >> sasl_username=kat at amtpolitics.com >> Mar 16 09:52:46 byron postfix/cleanup[24085]: C75E84F006D: >> message-id=<46497375E9264D2BA3BFB31BE37918BC at Kat> >> Mar 16 09:52:46 byron postfix/qmgr[19409]: C75E84F006D: >> from=<kat at amtpolitics.com>, size=887, nrcpt=10 (queue active) > > That says that the message from you had 10 recipients as Postfix was > queueing it, *BEFORE* it tried any delivery. It is not possible for the > Dovecot LDA to be involved in whatever caused the message to have 10 > recipients. > > If you cannot figure out why that is happening from looking at your > Postfix > config, I would suggest a visit to the Postfix Users' list.Uhg, I win the CluelessnUnobservant Award for this. Thanks everyone for the followups. I caught that myself yesterday and fixed the problem on Postfix's side. To sum up in case anyone else runs in to this, the mistake I made was in assuming that Postfix just made the handoff to Dovecot and that Dovecot would handle the rest, so I commented out the parts of the old config where Postfix handled this when I was using Postfix virtual transport. Once I restored those and gave Postfix the query it needed, it worked fine. Thanks for bearing with me, everyone. Kat