Arkadiusz Miśkiewicz
2014-Sep-01 09:14 UTC
dovecot 2.2.13: LMTP delivery with multiple recipients incorrectly mixes users
Hi.
I'm using exim that delivers email over LMTP to dovecot 2.2.13.
I noticed that dovecot LMTP service is sometimes (reare but repeats) mixing
users. Example below.
There is one mail (msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at
KRMXA41>)
that is going to be delivered to multiple local recipients.
Some recipients are delivered properly:
Sep 1 05:40:33 host dovecot: lmtp(3176): Connect from local
Sep 1 05:40:34 host dovecot: lmtp(3176, gbuser1): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, jpuser2): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, rkuser3): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, gbruser4): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, pbauser5): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, mwauser6): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:40:34 host dovecot: lmtp(3176, mdyuser7): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
but some are not:
Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error:
lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) failed:
Permission denied
Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error:
file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist)
failed: Permission denied (euid=28371(<unknown>)
egid=17373(<unknown>) missing +x perm:
/var/lib/dovecot/control/gbuser1, dir owned by 67593:17373 mode=0700)
Notice it was trying to deliver to user "lkrzyuser8" but it tries to
access some other user files (dovecot-uidlist).
euid=28371 is indeed "lkrzyuser8" but why it tries to access
"gbuser1" files?
Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error:
lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) failed:
Permission denied
Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error:
file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist)
failed: Permission denied (euid=28371(<unknown>)
egid=17373(<unknown>) missing +x perm:
/var/lib/dovecot/control/gbuser1, dir owned by 67593:17373 mode=0700)
Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: save failed
to INBOX: BUG: Unknown internal error
Above is again the same case.
Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): Error:
lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) failed:
Permission denied
Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): Error:
file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist)
failed: Permission denied (euid=128065(<unknown>)
egid=17373(<unknown>) missing +x perm:
/var/lib/dovecot/control/gbuser1, dir owned by 67593:17373 mode=0700)
Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): Error:
lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) failed:
Permission denied
Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): Error:
file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist)
failed: Permission denied (euid=128065(<unknown>)
egid=17373(<unknown>) missing +x perm:
/var/lib/dovecot/control/gbuser1, dir owned by 67593:17373 mode=0700)
Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): TDO+HNDpA1RoDAAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: save failed
to INBOX: BUG: Unknown internal error
And here again the same problem but with user "wm1user9"
Sep 1 05:40:34 host dovecot: lmtp(3176): Disconnect from local: Successful quit
# doveadm user gbuser1
field value
uid 67593
gid 17373
home /var/mail/gbuser1/
mail maildir:/var/mail/gbuser1/:CONTROL=/var/lib/dovecot/control/gbuser1
# doveadm user lkrzyuser8
field value
uid 28371
gid 17373
home /var/mail/lkrzyuser8/
mail
maildir:/var/mail/lkrzyuser8/:CONTROL=/var/lib/dovecot/control/lkrzyuser8
# doveadm user wm1user9
field value
uid 128065
gid 17373
home /var/mail/wm1user9/
mail maildir:/var/mail/wm1user9/:CONTROL=/var/lib/dovecot/control/wm1user9
Later exim retries delivery and dovecot lmtp succeeds:
Sep 1 05:41:34 host dovecot: lmtp(4737): Connect from local
Sep 1 05:41:34 host dovecot: lmtp(4737, lkrzyuser8): b9F+OsHqA1SBEgAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:41:34 host dovecot: lmtp(4737, wm1user9): b9F+OsHqA1SBEgAA16XVAg:
msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to
INBOX
Sep 1 05:41:34 host dovecot: lmtp(4737): Disconnect from local: Successful quit
The problem is not reasily repeatable. It happens several times a day for
different users each time (while thousands users
are logging in), so I guess some race condition takes place.
# dovecot -n
# 2.2.13: /etc/dovecot/dovecot.conf
doveconf: Warning: service auth { client_limit=1000 } is lower than required
under max. load (8000)
doveconf: Warning: service anvil { client_limit=1000 } is lower than required
under max. load (6003)
# OS: Linux 3.14.17-1 x86_64 xfs
auth_mechanisms = plain login
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@auth_username_translation
= @auth_verbose = yes
default_process_limit = 2000
default_vsz_limit = 512 M
disable_plaintext_auth = no
first_valid_gid = 1500
first_valid_uid = 1500
lda_mailbox_autocreate = yes
lmtp_save_to_detail_mailbox = yes
login_greeting = Mail server ready.
mail_location = maildir:/var/mail/%Ln:CONTROL=/var/lib/dovecot/control/%Ln
mail_log_prefix = "%s(%u): session=<%{session}>, "
mail_plugins = zlib quota
namespace {
hidden = no
inbox = yes
location =
prefix = INBOX.
separator = .
type = private
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
quota = fs:User quota:user
quota2 = fs:Group quota:group
}
postmaster_address = postmaster at somwehere.pl
service auth {
unix_listener auth-userdb {
mode = 0666
}
}
service imap {
process_limit = 2048
}
service pop3 {
process_limit = 1024
}
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lmtp {
auth_username_format = %Ln
auth_username_translation =
}
protocol imap {
imap_logout_format = bytes=%i/%o
mail_max_userip_connections = 20
mail_plugins = zlib quota imap_quota mail_log notify
}
protocol pop3 {
mail_max_userip_connections = 20
mail_plugins = mail_log notify
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, bytes=%i/%o
pop3_uidl_format = %Mf
}
--
Arkadiusz Mi?kiewicz, arekm / maven.pl
Arkadiusz Miśkiewicz
2014-Sep-10 14:00 UTC
dovecot 2.2.13: LMTP delivery with multiple recipients incorrectly mixes users
On Monday 01 of September 2014, Arkadiusz Mi?kiewicz wrote:> Hi. > > I'm using exim that delivers email over LMTP to dovecot 2.2.13. > > I noticed that dovecot LMTP service is sometimes (reare but repeats) mixing > users. Example below. There is one mail > (msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>) that is going > to be delivered to multiple local recipients.What is worse is that dovecot lmtp can sometimes (if permissions allow that) create mail file, in maildir tree, of user B using user A uid/gid! All that because it mixes users. That leads to more problems (like when using filesystem quota. Since user A has his files (by uid/gid) stored in directory of user B. A cannot access them, delete them but they still eat user A quota). Looks to be some major brokeness in dovecot lmtp. (batch_max = 1 should workaround the problem I think but that's not a solution)> Some recipients are delivered properly: > > Sep 1 05:40:33 host dovecot: lmtp(3176): Connect from local > Sep 1 05:40:34 host dovecot: lmtp(3176, gbuser1): TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, jpuser2): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, rkuser3): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, gbruser4): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, pbauser5): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, mwauser6): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:40:34 host dovecot: lmtp(3176, mdyuser7): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX > > but some are not: > > Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error: > lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) > failed: Permission denied Sep 1 05:40:34 host dovecot: lmtp(3176, > lkrzyuser8): Error: > file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlis > t) failed: Permission denied (euid=28371(<unknown>) egid=17373(<unknown>) > missing +x perm: /var/lib/dovecot/control/gbuser1, dir owned by > 67593:17373 mode=0700) > > Notice it was trying to deliver to user "lkrzyuser8" but it tries to access > some other user files (dovecot-uidlist). euid=28371 is indeed "lkrzyuser8" > but why it tries to access "gbuser1" files? > > Sep 1 05:40:34 host dovecot: lmtp(3176, lkrzyuser8): Error: > lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) > failed: Permission denied Sep 1 05:40:34 host dovecot: lmtp(3176, > lkrzyuser8): Error: > file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlis > t) failed: Permission denied (euid=28371(<unknown>) egid=17373(<unknown>) > missing +x perm: /var/lib/dovecot/control/gbuser1, dir owned by > 67593:17373 mode=0700) Sep 1 05:40:34 host dovecot: lmtp(3176, > lkrzyuser8): TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: save failed to > INBOX: BUG: Unknown internal error > > Above is again the same case. > > Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): Error: > lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) > failed: Permission denied Sep 1 05:40:34 host dovecot: lmtp(3176, > wm1user9): Error: > file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlis > t) failed: Permission denied (euid=128065(<unknown>) egid=17373(<unknown>) > missing +x perm: /var/lib/dovecot/control/gbuser1, dir owned by > 67593:17373 mode=0700) Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): > Error: lstat(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlist.lock) > failed: Permission denied Sep 1 05:40:34 host dovecot: lmtp(3176, > wm1user9): Error: > file_dotlock_create(/var/lib/dovecot/control/gbuser1/.INBOX/dovecot-uidlis > t) failed: Permission denied (euid=128065(<unknown>) egid=17373(<unknown>) > missing +x perm: /var/lib/dovecot/control/gbuser1, dir owned by > 67593:17373 mode=0700) Sep 1 05:40:34 host dovecot: lmtp(3176, wm1user9): > TDO+HNDpA1RoDAAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: save failed to > INBOX: BUG: Unknown internal error > > And here again the same problem but with user "wm1user9" > > Sep 1 05:40:34 host dovecot: lmtp(3176): Disconnect from local: Successful > quit > > > # doveadm user gbuser1 > field value > uid 67593 > gid 17373 > home /var/mail/gbuser1/ > mail maildir:/var/mail/gbuser1/:CONTROL=/var/lib/dovecot/control/gbuser1 > > > # doveadm user lkrzyuser8 > field value > uid 28371 > gid 17373 > home /var/mail/lkrzyuser8/ > mail > maildir:/var/mail/lkrzyuser8/:CONTROL=/var/lib/dovecot/control/lkrzyuser8 > > > # doveadm user wm1user9 > field value > uid 128065 > gid 17373 > home /var/mail/wm1user9/ > mail > maildir:/var/mail/wm1user9/:CONTROL=/var/lib/dovecot/control/wm1user9 > > > Later exim retries delivery and dovecot lmtp succeeds: > > Sep 1 05:41:34 host dovecot: lmtp(4737): Connect from local > Sep 1 05:41:34 host dovecot: lmtp(4737, lkrzyuser8): > b9F+OsHqA1SBEgAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:41:34 host dovecot: lmtp(4737, wm1user9): > b9F+OsHqA1SBEgAA16XVAg: > msgid=<1ACE53B70631CA45B62348E4EE8757493731A59E at KRMXA41>: saved mail to > INBOX Sep 1 05:41:34 host dovecot: lmtp(4737): Disconnect from local: > Successful quit > > The problem is not reasily repeatable. It happens several times a day for > different users each time (while thousands users are logging in), so I > guess some race condition takes place. > > # dovecot -n > # 2.2.13: /etc/dovecot/dovecot.conf > doveconf: Warning: service auth { client_limit=1000 } is lower than > required under max. load (8000) doveconf: Warning: service anvil { > client_limit=1000 } is lower than required under max. load (6003) # OS: > Linux 3.14.17-1 x86_64 xfs > auth_mechanisms = plain login > auth_username_chars > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@> auth_username_translation = @> auth_verbose = yes > default_process_limit = 2000 > default_vsz_limit = 512 M > disable_plaintext_auth = no > first_valid_gid = 1500 > first_valid_uid = 1500 > lda_mailbox_autocreate = yes > lmtp_save_to_detail_mailbox = yes > login_greeting = Mail server ready. > mail_location = maildir:/var/mail/%Ln:CONTROL=/var/lib/dovecot/control/%Ln > mail_log_prefix = "%s(%u): session=<%{session}>, " > mail_plugins = zlib quota > namespace { > hidden = no > inbox = yes > location > prefix = INBOX. > separator = . > type = private > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename quota = fs:User quota:user > quota2 = fs:Group quota:group > } > postmaster_address = postmaster at somwehere.pl > service auth { > unix_listener auth-userdb { > mode = 0666 > } > } > service imap { > process_limit = 2048 > } > service pop3 { > process_limit = 1024 > } > > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > auth_username_format = %Ln > auth_username_translation > } > protocol imap { > imap_logout_format = bytes=%i/%o > mail_max_userip_connections = 20 > mail_plugins = zlib quota imap_quota mail_log notify > } > protocol pop3 { > mail_max_userip_connections = 20 > mail_plugins = mail_log notify > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, > bytes=%i/%o pop3_uidl_format = %Mf > }-- Arkadiusz Mi?kiewicz, arekm / maven.pl
Possibly Parallel Threads
- Printing problems with samba 3.0.23c and NT4
- More problems with samba 3.0.23c and NT4
- access denied on printer driver upload
- Re: [libvirt] LXC, user namespaces and systemd
- Upgrade 2.2.27 to 2.3.9.2: master(imap): net_connect_unix(imap) failed: Resource temporarily unavailable