I am getting the following error when Postfix attempts LMTP delivery :
"lmtp(REDACTED)<32674><7Jm0BSVopmaifwAAbW4UVQ>: Fatal:
setresgid(121(mailbox_user),121(mailbox_user),8(mail)) failed with
euid=111(mailbox_user): Operation not permitted"
mailbox_user is uid 111, gid 121 on my system.
doveconf -n
=============
=============
# 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: Linux 6.1.0-22-cloud-amd64 x86_64 Debian 12.6 xfs
# Hostname: REDACTED
auth_verbose = yes
auth_verbose_passwords = sha1:7
doveadm_password = # hidden, use -P to show it
first_valid_gid = 121
first_valid_uid = 111
imap_capability = +SPECIAL-USE
imapc_features = rfc822.size fetch-headers fetch-bodystructure
imapc_port = 993
imapc_ssl = imaps
last_valid_gid = 121
last_valid_uid = 111
mail_location = maildir:/mnt/mxData/dovecot/%d/%n/Maildir
mail_plugins = notify replication push_notification
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox "Deleted Messages" {
auto = no
special_use = \Trash
}
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/local_sql_users.conf
driver = sql
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap lmtp sieve
service auth {
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0660
user = postfix
}
vsz_limit = 2 G
}
service doveadm {
inet_listener {
port = 11867
ssl = yes
}
}
service imap-login {
process_min_avail = 5
service_count = 1
}
service lmtp {
process_min_avail = 5
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
user = mailbox_user
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieves {
address =
port = 5190
ssl = yes
}
}
ssl = required
ssl_cert = <REDACTED
ssl_cipher_list =
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
args = /etc/dovecot/local_sql_users.conf
default_fields = uid=mailbox_user gid=mailbox_user
home=/mnt/mxData/dovecot/%d/%n
driver = sql
}
protocol lmtp {
mail_plugins = notify replication push_notification sieve
}
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = notify replication push_notification sieve
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
mail_max_userip_connections = 20
mail_plugins = notify replication push_notification imap_sieve
}
=======
=======
postconf -n
========
========
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
authorized_submit_users =
biff = no
compatibility_level = 2
default_database_type = cdb
disable_vrfy_command = yes
home_mailbox = Maildir/
indexed = ${default_database_type}:${config_directory}/
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
message_size_limit = 20480000
mydestination = REDACTED,localhost
mydomain = REDACTED
myhostname = REDACTED
mynetworks = $config_directory/mynetworks
mynetworks_style = subnet
myorigin = $mydomain
parent_domain_matches_subdomains =
recipient_delimiter = +
smtp_bind_address = 0.0.0.0
smtp_bind_address6 = ::
smtp_sasl_auth_enable = no
smtp_tls_policy_maps = ${indexed}smtp_tls_policy
smtpd_banner = $myhostname ESMTP
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = REDACTED
smtpd_tls_dh1024_param_file = REDACTED
smtpd_tls_eecdh_grade = strong
smtpd_tls_key_file = REDACTED
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_security_level = may
tls_eecdh_strong_curve = prime256v1
tls_preempt_cipherlist = yes
tls_random_source = dev:/dev/random
virtual_alias_maps = pgsql:${config_directory}/pgsql_virtual.conf
virtual_gid_maps = static:121
virtual_mailbox_base = /mnt/mxData/dovecot
virtual_mailbox_domains = ${config_directory}/vhosts
virtual_mailbox_maps = pgsql:${config_directory}/pgsql_vmap.conf
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:111
========
========
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
