dovecot - Jan 2017 - Mailbox problem on centos O/S after some "fiddling"

Good day from Somerset, England

Version 2.2.10

Problem after a huge centos update

Data:-  Server has 8 mailboxes under /var/mail/"user name"

history:- After update, mail to ONE user was going into mqueue as 
undeliverable
          Had to delete and recreate the user.

          somewhere along the line (ME!) /var/mail/;imap   var/mail/new
          were deleted

          After new user and reboot server no one could access mailboxes
          with password error except ONE user randomly....This created
          the /var/mail/.mbox folder and sub folders but with the owner
          as the user name.  Then any mail for other users was put in the
          /var/new folder and just sat there.

          only the "owner" of this folder could get mail, everyone
else was
          prohibited with password error.

          chown the folder (owner:group) to root did nothing

          BUT

          When .mbox was give PUBLIC execute permissions (771) suddenly
          everything works fine!

I do not understand why dovecot creates this folder as we ONLY ever use pop3
(currently with plain text auth but going to secure when this sorted)
for mail and also why when it writes the blank folder it "owns" it
with the
user accessing it (also the /var/mail/new folder takes the same owner)

I have trolled everywhere and spent a whole day on this so any clues would
be very gratefully accepted as do not like to leave this folder as 771 (note
the folder INBOX within it is only 770 and the log file in that is 660)

Is this INBOX needed at all for pop3 ?

rgds
John Richards
UK

=================   



dovecot -n

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-514.2.2.el7.x86_64 x86_64 CentOS Linux release 
7.3.1611 
(Core
)  ext4
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = mbox:/var/mail/:INBOX=/var/mail/%u
mbox_write_locks = fcntl
namespace inbox {
  inbox = yes
  location   mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix }
passdb {
  driver = shadow
}
protocols = pop3
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
ssl_cert = </etc/pki/tls/certs/watchetwebdesign.co.uk.crt
ssl_key = </etc/pki/tls/private/watchetwebdesign.co.uk.key
userdb {
  driver = passwd
}

> On 19/01/2017 21:47 John Richards <john at watchetwebdesign.co.uk>
wrote:
> 
>  
> Good day from Somerset, England
> 
> Version 2.2.10
> 
> Problem after a huge centos update
> 
> Data:-  Server has 8 mailboxes under /var/mail/"user name"
> 
> history:- After update, mail to ONE user was going into mqueue as 
> undeliverable
>           Had to delete and recreate the user.
> 
>           somewhere along the line (ME!) /var/mail/;imap   var/mail/new
>           were deleted
> 
>           After new user and reboot server no one could access mailboxes
>           with password error except ONE user randomly....This created
>           the /var/mail/.mbox folder and sub folders but with the owner
>           as the user name.  Then any mail for other users was put in the
>           /var/new folder and just sat there.
> 
>           only the "owner" of this folder could get mail,
everyone else was
>           prohibited with password error.
> 
>           chown the folder (owner:group) to root did nothing
> 
>           BUT
> 
>           When .mbox was give PUBLIC execute permissions (771) suddenly
>           everything works fine!
> 
> I do not understand why dovecot creates this folder as we ONLY ever use
pop3
> (currently with plain text auth but going to secure when this sorted)
> for mail and also why when it writes the blank folder it "owns"
it with the
> user accessing it (also the /var/mail/new folder takes the same owner)
> 
> I have trolled everywhere and spent a whole day on this so any clues would
> be very gratefully accepted as do not like to leave this folder as 771
(note
> the folder INBOX within it is only 770 and the log file in that is 660)
> 
> Is this INBOX needed at all for pop3 ?
> 
> rgds
> John Richards
> UK
> 
> =================   
> 
> 
> 
> dovecot -n
> 
> # 2.2.10: /etc/dovecot/dovecot.conf
> # OS: Linux 3.10.0-514.2.2.el7.x86_64 x86_64 CentOS Linux release 
> 7.3.1611 
> (Core
> )  ext4
> auth_mechanisms = plain login
> disable_plaintext_auth = no
> mail_location = mbox:/var/mail/:INBOX=/var/mail/%u
> mbox_write_locks = fcntl
> namespace inbox {
>   inbox = yes
>   location >   mailbox Drafts {
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     special_use = \Trash
>   }
>   prefix > }
> passdb {
>   driver = shadow
> }
> protocols = pop3
> service imap-login {
>   inet_listener imap {
>     port = 143
>   }
>   inet_listener imaps {
>     port = 993
>     ssl = yes
>   }
> }
> ssl_cert = </etc/pki/tls/certs/watchetwebdesign.co.uk.crt
> ssl_key = </etc/pki/tls/private/watchetwebdesign.co.uk.key
> userdb {
>   driver = passwd
> }
> mail_location = mbox:/var/mail/:INBOX=/var/mail/%u
You are putting everyone's non-INBOX folders into same place. And indexes.
I'm amazed anything works.
> mail_location = mbox:~/.mail:INBOX=/var/mail/%u
Is much safer.

Aki