On 2021-01-24 18:50, Jeff Abrahamson wrote:
On 24/01/2021 15:42, Jeff Abrahamson wrote:
I've set up a new dovecot+postfix instance with virtual (not system)
users.
[...]
Thanks to several responses here (many thanks!) and much further
hacking, I have moved further.
I now have two problems that I'm hitting my head on. (I've posted my
config below.)
* Delivery has a permission error, but I don't see what is causing
it.
* Authorisation on sending is failing.
1. Delivery
I send mail to j...@mobilitains.fr, which I think should be an
authorised user.
Jan 24 17:19:02 nantes-m1 postfix/qmgr[8025]: 8640AA0C71:
from=<j...@p27.eu>, size=4737, nrcpt=1 (queue active)
Jan 24 17:19:02 nantes-m1 dovecot:
lda(jeff)<10628><pbr+CgasDWCEKQAAvhw8tw>: Error:
mkdir(/var/mail/vmail//jeff/mail) failed: Permission denied
(euid=1000(jeff) egid=1001(jeff) missing +w perm: /var/mail/vmail/,
dir owned by 4000:4000 mode=0755)
Jan 24 17:19:02 nantes-m1 dovecot:
lda(jeff)<10628><pbr+CgasDWCEKQAAvhw8tw>: Error:
mkdir(/var/mail/vmail//jeff/mail) failed: Permission denied
(euid=1000(jeff) egid=1001(jeff) missing +w perm: /var/mail/vmail/,
dir owned by 4000:4000 mode=0755)
This looks to me as if dovecot lda is trying to deliver as user jeff
(uid 1000) instead of the configured uid 4000 from static userdb.
Try to set auth_debug = yes and/or mail_debug = yes to see what's going
on.
Jan 24 17:19:02 nantes-m1 dovecot:
lda(jeff)<10628><pbr+CgasDWCEKQAAvhw8tw>: Error: Mailbox INBOX:
Failed to autocreate mailbox: Internal error occurred. Refer to
server log for more information. [2021-01-24 17:19:02]
Jan 24 17:19:02 nantes-m1 dovecot:
lda(jeff)<10628><pbr+CgasDWCEKQAAvhw8tw>:
msgid=<45693641-2b61-815d-6129-feb9c4e36...@p27.eu>: save failed to
open mailbox INBOX: Mailbox INBOX: Failed to autocreate mailbox:
Internal error occurred. Refer to server log for more information.
[2021-01-24 17:19:02]
Jan 24 17:19:02 nantes-m1 postfix/local[10626]: 8640AA0C71:
to=<j...@nantes-m1.p27.eu>, orig_to=<j...@mobilitains.fr>,
relay=local, delay=593, delays=593/0.01/0/0.02, dsn=4.3.0,
status=deferred (temporary failure. Command output: lda(jeff):
Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
Permission denied )
For this, see
https://doc.dovecot.org/installation_guide/upgrading/from-2.2-to-2.3/?highlight=stats%20writer
Now I know what the words mean: it wants to create the mail directory
where I've asked it to, in /var/mail/vmail/%d/%n/mail, and it's
hitting a permission error, because that directory is owned by vmail
and that bit of dovecot, apparently, doesn't have permission to
read/write there. I can see that some dovecot processes run as vmail,
others as dovecot or dovenull, still others as root (!). I'm unclear
after much reading of docs what I _should_ see here and what I should
change.
[T] jeff@nantes-m1:postfix $ ps axfu | grep dovec
root 607 0.0 0.3 4612 3360 ? Ss 10:12 0:00 /usr/sbin/dovecot -F
dovecot 637 0.0 0.1 4248 1072 ? S 10:12 0:00 \_ dovecot/anvil
root 9852 0.0 0.2 4388 2940 ? S 16:54 0:00 \_ dovecot/log
dovecot 9907 0.0 0.2 4396 2828 ? S 16:54 0:00 \_ dovecot/stats
root 9908 0.0 0.4 5664 4188 ? S 16:54 0:00 \_ dovecot/config
dovenull 9976 0.0 0.6 8476 6584 ? S 16:58 0:00 \_ dovecot/imap-login
vmail 9978 0.0 0.5 6940 5572 ? S 16:58 0:00 \_ dovecot/imap
dovenull 10023 0.0 0.6 8472 6584 ? S 17:04 0:00 \_ dovecot/imap-login
vmail 10024 0.0 0.5 6884 5516 ? S 17:04 0:00 \_ dovecot/imap
jeff 10952 0.0 0.0 8904 672 pts/1 S+ 17:33 0:00 | \_ grep --color=auto dovec
[T] jeff@nantes-m1:postfix $
2. Authorisation on sending
Using thunderbird I try to send an email from my workstation as
j...@mobilitains.fr (myself, as this host sees it) to another user
(myself somewhere else).
Jan 24 17:35:42 nantes-m1 postfix/submission/smtpd[10971]: connect
from 10.244.88.92.rev.sfr.net[92.88.244.10]
Jan 24 17:35:42 nantes-m1 postfix/submission/smtpd[10971]: Anonymous
TLS connection established from
10.244.88.92.rev.sfr.net[92.88.244.10]: TLSv1 with cipher
ECDHE-RSA-AES128-SHA (128/128 bits)
Jan 24 17:35:42 nantes-m1 postfix/submission/smtpd[10971]: warning:
SASL: Connect to private/auth failed: No such file or directory
You configured postfix with smtpd_sasl_path = private/auth but dovecot
is configured to create the socket as

    service auth {
      unix_listener /var/spool/postfix/private/dovecot-auth {
        group = postfix
        mode = 0600
        user = postfix
      }
    }

You need to fix either the postfix or the dovecot configuration.
Jan 24 17:35:42 nantes-m1 postfix/submission/smtpd[10971]: fatal: no
SASL authentication mechanisms
I have set auth_mechanisms in 10-auth.conf to auth_mechanisms = plain
login
See also the postfix documentation:
http://www.postfix.org/SASL_README.html#server_dovecot
Jan 24 17:35:43 nantes-m1 postfix/master[1634]: warning: process
/usr/lib/postfix/sbin/smtpd pid 10971 exit status 1
Jan 24 17:35:43 nantes-m1 postfix/master[1634]: warning:
/usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
So I'm failing to connect, but the error about private/auth is quite
unclear to me. I think what I've configured is that plaintext auth is
disabled unless on an SSL/TLS connection, and SSL/TLS connections are
required, so plaintext over SSL/TLS is the rule. There's an error
related to smtpd startup, though I'm unclear what that means, since
postfix is running. I think it means it can't run smtpd to send the
mail, but why and where configured is unclear to me.
--
Christian Kivalo
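
The socket mismatch pointed out in the reply above can be checked mechanically. The following is an added example, not part of the original message or of either project: it resolves the socket path postfix will open and compares it with the listeners dovecot declares under `service auth`. The config snippets are constructed from the values quoted in the thread; `queue_directory`, `smtpd_sasl_type` and the function names are assumptions.

```python
import posixpath
import re

# Constructed sample input mirroring the settings quoted in the thread.
# queue_directory and smtpd_sasl_type are assumed, not taken from the post.
POSTFIX_MAIN_CF = """\
queue_directory = /var/spool/postfix
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
"""
DOVECOT_CONF = """\
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0600
    user = postfix
  }
}
"""

def postfix_sasl_socket(main_cf):
    """Absolute socket path smtpd connects to (relative paths resolve under queue_directory)."""
    params = {}
    for line in main_cf.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            name, value = line.split("=", 1)
            params[name.strip()] = value.strip()
    queue = params.get("queue_directory", "/var/spool/postfix")
    return posixpath.normpath(posixpath.join(queue, params.get("smtpd_sasl_path", "smtpd")))

def dovecot_auth_listeners(conf, base_dir="/var/run/dovecot"):
    """Absolute paths of every unix_listener declared inside 'service auth { ... }'."""
    listeners, in_auth, depth = [], False, 0
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if depth == 0 and re.match(r"service\s+auth\s*\{", line):
            in_auth = True
        m = re.match(r"unix_listener\s+(\S+)\s*\{", line)
        if in_auth and m:
            listeners.append(posixpath.normpath(posixpath.join(base_dir, m.group(1))))
        depth += line.count("{") - line.count("}")
        if depth == 0:
            in_auth = False
    return listeners

def check(main_cf, dovecot_conf):
    """Return (socket postfix expects, sockets dovecot creates, whether they match)."""
    want = postfix_sasl_socket(main_cf)
    have = dovecot_auth_listeners(dovecot_conf)
    return want, have, want in have
```

On a live host the two inputs would come from `postconf -n` and `doveconf -n`; a `False` third element corresponds to the "Connect to private/auth failed: No such file or directory" warning in the log.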