Hi Aki,

On Sun, Dec 27, 2020 at 09:18:25PM +0200, Aki Tuomi wrote:
> > On 27/12/2020 18:19 Toni Mueller <support at oeko.net> wrote:
> >
> > 16:04:16 postfix/qmgr[4970]: 8CD6CE072E: from=<user at example.com>, size=880, nrcpt=1 (queue active)
> > 16:04:16 dovecot: auth: Debug: master in: USER#0111#011user at example.com#011service=lda
> > 16:04:16 dovecot: auth: Debug: prefetch(user at example.com): passdb didn't return userdb entries, trying the next userdb
> > 16:04:16 dovecot: auth: Debug: sql(user at example.com): SELECT '/path-to-mailboxen/' || virtual_users.home AS home, uid , gid , quota as quota_rule FROM virtual_users WHERE email = 'user at example.com' AND status = 'A'
> > 16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user at example.com#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345#011quota_rule=*:storage=0
> >
> > ^^^^^^^^^^^^^^^^^^^^^^
> >
> > This shows that the database lookup works. The intended effect should be
> > that the message is delivered to
> >
> > /path-to-mailboxen/example.com/user/Maidir/new
> >
> > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: setegid(privileged) failed: Operation not permitted
> > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> >
> > ^^^^^^^^^^^^^^^^^^^^^^
> >
> > And this shows that dovecot-lda just ignores the result.
> >
> >
> > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: msgid=<20201226224933.014608 at laptop.example.com>: save failed to open mailbox INBOX: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> > 16:04:16 postfix/pipe[5284]: 8CD6CE072E: to=<user at example.com>, orig_to=<userA at example2.com>, relay=dovecot, delay=62083, delays=62083/0.04/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
> >
> >
> > In /etc/postfix/master.cf, I have this to call it:
> >
> > dovecot unix - n n - - pipe
> >   flags=DRhu user=_mailbox argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -a ${recipient}
> >
> Try adding
>
> mail_privileged_group = mail

I am not sure why you recommend this. I never ever want to deliver to /var/mail, and my mailbox directory has group 'mailbox' - hence I have

mail_privileged_group = mailbox

in my configuration.

My question is why this thing wants to deliver to /var/mail, despite having a different location from the userdb, and how I can force it to use the location from the userdb.

Thanks,
Toni

> On 27/12/2020 21:54 Toni Mueller <support at oeko.net> wrote:
>
>
> Hi Aki,
>
> On Sun, Dec 27, 2020 at 09:18:25PM +0200, Aki Tuomi wrote:
> > > On 27/12/2020 18:19 Toni Mueller <support at oeko.net> wrote:
> > >
> > > 16:04:16 postfix/qmgr[4970]: 8CD6CE072E: from=<user at example.com>, size=880, nrcpt=1 (queue active)
> > > 16:04:16 dovecot: auth: Debug: master in: USER#0111#011user at example.com#011service=lda
> > > 16:04:16 dovecot: auth: Debug: prefetch(user at example.com): passdb didn't return userdb entries, trying the next userdb
> > > 16:04:16 dovecot: auth: Debug: sql(user at example.com): SELECT '/path-to-mailboxen/' || virtual_users.home AS home, uid , gid , quota as quota_rule FROM virtual_users WHERE email = 'user at example.com' AND status = 'A'
> > > 16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user at example.com#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345#011quota_rule=*:storage=0
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^
> > >
> > > This shows that the database lookup works. The intended effect should be
> > > that the message is delivered to
> > >
> > > /path-to-mailboxen/example.com/user/Maidir/new
> > >
> > > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: setegid(privileged) failed: Operation not permitted
> > > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^
> > >
> > > And this shows that dovecot-lda just ignores the result.
> > >
> > >
> > > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: Error: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> > > 16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: msgid=<20201226224933.014608 at laptop.example.com>: save failed to open mailbox INBOX: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX: open(/var/mail/user at example.com) failed: Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)
> > > 16:04:16 postfix/pipe[5284]: 8CD6CE072E: to=<user at example.com>, orig_to=<userA at example2.com>, relay=dovecot, delay=62083, delays=62083/0.04/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
> > >
> > >
> > > In /etc/postfix/master.cf, I have this to call it:
> > >
> > > dovecot unix - n n - - pipe
> > >   flags=DRhu user=_mailbox argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -a ${recipient}
> > >
> > Try adding
> >
> > mail_privileged_group = mail
>
> I am not sure why you recommend this. I never ever want to deliver to
> /var/mail, and my mailbox directory has group 'mailbox' - hence I have
>
> mail_privileged_group = mailbox
>
> in my configuration.
>
> My question is why this thing wants to deliver to /var/mail, despite
> having a different location from the userdb, and how I can force it to
> use the location from the userdb.
>
>
> Thanks,
> Toni

Sorry, I misread your problem. Can you try checking the output of `doveadm user <username>` and `doveadm auth lookup <username>`?

Also, including `doveconf -n` would be useful.

Aki

Hi,

On Sun, Dec 27, 2020 at 07:54:56PM +0000, Toni Mueller wrote:
> My question is why this thing wants to deliver to /var/mail, despite
> having a different location from the userdb, and how I can force it to
> use the location from the userdb.

I forgot to say that this thing has no trouble writing a file to roughly the desired location, reading

/path-to-mailboxen/example.com/user/mail/.imap
/path-to-mailboxen/example.com/user/mail/.imap/dovecot.list.index.log

I've tried again by removing the entire user's directory, then saying "postfix flush" to push the email, when the file above was re-created.

Thanks,
Toni
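
The following is an added example, not part of any message in this thread: a Python check that pairs the `userdb out` reply with the later LDA `open()` failure from the log quoted above, and reports which fields the userdb returned, whether the attempted path lies under the returned home, and whether the process ran with the returned uid/gid. The function names are made up for this sketch; the two sample lines are copied from the thread.

```python
import re

# Two lines copied from the log quoted in the thread ("@" appears as " at "
# because the list archive obfuscates addresses).
SAMPLE_LOG = (
    "16:04:16 dovecot: auth: Debug: userdb out: USER#0111#011user at example.com"
    "#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345"
    "#011quota_rule=*:storage=0\n"
    "16:04:16 dovecot: lda(user at example.com)<5291><DDxBHYCw6F+rFAAApiCoHg>: "
    "Error: Mailbox INBOX: open(/var/mail/user at example.com) failed: "
    "Permission denied (euid=12345(mailbox) egid=12345(mailbox) missing +w perm: "
    "/var/mail, we're not in group 8(mail), dir owned by 0:8 mode=0775)\n"
)

LDA_FAIL = re.compile(
    r"lda\((?P<user>[^)]*)\).*?open\((?P<path>[^)]*)\) failed: "
    r"(?P<error>[^(]+?) \(euid=(?P<euid>\d+)\S* egid=(?P<egid>\d+)")

def parse_userdb_out(line):
    """Return (user, fields) for an auth 'userdb out:' debug line, else None."""
    m = re.search(r"userdb out: (.+)$", line)
    if not m:
        return None
    parts = m.group(1).split("#011")          # syslog writes TAB as #011
    if len(parts) < 3 or parts[0] != "USER":
        return None
    return parts[2], dict(p.split("=", 1) for p in parts[3:] if "=" in p)

def diagnose(log_text):
    """Pair each LDA open() failure with the userdb reply for the same user."""
    userdb, findings = {}, []
    for line in log_text.splitlines():
        reply = parse_userdb_out(line)
        if reply:
            userdb[reply[0]] = reply[1]
            continue
        m = LDA_FAIL.search(line)
        if m and m["user"] in userdb:
            fields = userdb[m["user"]]
            home = fields.get("home", "").rstrip("/")
            ids = (fields.get("uid"), fields.get("gid"))
            findings.append({
                "user": m["user"], "attempted": m["path"], "error": m["error"],
                "home": home,
                "under_home": bool(home) and m["path"].startswith(home + "/"),
                # a userdb "mail" field would override the mail_location setting
                "userdb_has_mail": "mail" in fields,
                "ids_match": (m["euid"], m["egid"]) == ids,
            })
    return findings
```

Calling `diagnose(SAMPLE_LOG)` on the lines from this thread yields one finding: the uid and gid from the userdb were applied, the reply carried `home` but no `mail` field, and the path LDA tried to open is outside the returned home.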