I'm getting a permission denied, as you can see below:
from /var/log/maillog
Code:
Mar 12 00:41:53 smtp postfix/pipe[28230]: 6F3644BE5F2: to=<rickf@example.com>, relay=dovecot, delay=1924, delays=1924/0.05/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
Mar 12 00:41:53 smtp postfix/pipe[28231]: A719F4BE5F7: to=<rickf@example.com>, relay=dovecot, delay=1364, delays=1364/0.02/0/0.03, dsn=4.3.0, status=deferred (temporary failure)
Log from /var/log/dovecot.log
Code:
Mar 12 00:41:53 deliver(rickf@example.com): Fatal: setgid(70000) failed with euid=65534(nobody), gid=65534(nobody), egid=65534(nobody): Operation not permitted
Mar 12 00:41:53 deliver(rickf@example.com): Fatal: setgid(70000) failed with euid=65534(nobody), gid=65534(nobody), egid=65534(nobody): Operation not permitted
from /var/log/dovecot-deliver.log
Code:
Mar 12 00:41:53 deliver(rickf@example.com): Info: auth input: home=/var/spool/vmail/h/70000/70000
Mar 12 00:41:53 deliver(rickf@example.com): Info: auth input: uid=70000
Mar 12 00:41:53 deliver(rickf@example.com): Info: auth input: gid=70000
Mar 12 00:41:53 deliver(rickf@example.com): Info: auth input: mail=maildir:~/Maildir
Mar 12 00:41:53 deliver(rickf@example.com): Info: auth input: home=/var/spool/vmail/h/70000/70000
Here's master.cf :
Code:
smtp inet n - n - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
[ ...trimmed... ]
dovecot unix - n n - - pipe
  flags=DORhu user=nobody argv=/usr/local/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
Here's main.cf
Code:
# updated to match tutorial :
# http://www.howtoforge.com/linux_postfix_virtual_hosting
# option notes here : http://www.postfix.org/postconf.5.html
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
myhostname = localhost
mydomain = example.com
myorigin = $mydomain
mydestination =
mynetworks_style = subnet
relay_domains = $mydestination, 127.0.0.1
################################################################################
# virtual domains
################################################################################
virtual_mailbox_domains = pgsql:$config_directory/pgsql-virtual_mailbox_domains.cf
virtual_alias_maps = pgsql:$config_directory/pgsql-virtual_alias_maps.cf
transport_maps = pgsql:$config_directory/pgsql-transport.cf
virtual_minimum_uid = 70000
virtual_uid_maps = pgsql:$config_directory/pgsql-virtual_uid_maps.cf
virtual_gid_maps = pgsql:$config_directory/pgsql-virtual_gid_maps.cf
virtual_mailbox_base = /
virtual_mailbox_maps = pgsql:$config_directory/pgsql-virtual_mailbox_maps.cf
################################################################################
# dovecot LDA
################################################################################
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot:
################################################################################
# dovecot SASL
################################################################################
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# Keep smtpd_sasl_local_domain identical to Dovecot's auth_default_realm: empty.
# Both are empty by default. Let it commented out.
# Read more at: http://wiki.dovecot.org/Authentication/Mechanisms/DigestMD5
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noplaintext, noanonymous
#smtpd_sasl_security_options = noanonymous
#broken_sasl_auth_clients = yes
################################################################################
# If you want TLS enabled for remote SMTP servers come in to hand off new mail
################################################################################
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
# log handshaking activity.. Otherwise set to 0...
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
tls_random_source = dev:/dev/urandom
################################################################################
# tweak some defaults across the board.
################################################################################
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
message_size_limit = 5000000
strict_rfc821_envelopes = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
header_checks = regexp:$config_directory/header_checks
body_checks = regexp:$config_directory/body_checks
################################################################################
# Define Rules to weed the good from the bad...
################################################################################
smtpd_client_restrictions =
    reject_rbl_client,
    check_client_access hash:$config_directory/client_access,
    reject_unauth_pipelining
smtpd_recipient_restrictions =
# regexp:$config_directory/checks_recipient.regexp,
    check_recipient_access hash:$config_directory/access_recipient,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname,
    reject_unknown_recipient_domain,
    reject_unknown_hostname,
    reject_rbl_client bl.spamcop.net,
    reject_unauth_pipelining,
    reject
smtpd_sender_restrictions =
# regexp:$config_directory/checks_sender.regexp,
    check_sender_access hash:$config_directory/access_sender,
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    reject_rbl_client,
    reject_unauth_pipelining
Here's the permissions on the deliver executable..
Code:
smtp# ls -la /usr/local/lib/dovecot/deliver
-r-sr-x--- 1 nobody nogroup 841600 Mar 11 22:28 /usr/local/lib/dovecot/deliver
Here's the dovecot config file:
Code:
protocols = imaps managesieve
listen = *
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-deliver.log
ssl_cert_file = /etc/ssl/certs/imaps.example.com.cert
ssl_key_file = /etc/ssl/private/imaps.example.com.key
ssl_key_password = XXXXXXXXXX
mail_location = maildir:~/Maildir
mail_privileged_group = mail
mail_debug = yes
dotlock_use_excl = yes
verbose_proctitle = yes
first_valid_uid = 70000
first_valid_gid = 70000
maildir_copy_with_hardlinks = yes
protocol imap {
  imap_client_workarounds = delay-newmail netscape-eoh tb-extra-mailbox-sep
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  postmaster_address = postmaster@example.com
  mail_plugins = sieve
  mail_plugin_dir = /usr/local/lib/dovecot/lda
  sendmail_path = /usr/sbin/sendmail
}
auth_username_format = %Lu
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = no
auth default {
  verbose = yes
  debug = yes
  debug_passwords = no
  user = nobody
  mechanisms = cram-md5 login plain
  passdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  userdb sql {
    args = /usr/local/etc/dovecot-sql.conf
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = nobody
      group = wheel
    }
    client {
      path = /var/run/dovecot/auth-client
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
Any ideas on what I've messed up???
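The failure in the logs above, worked through as an added example that is not part of the original post: it parses the post's `dovecot.log` line, the `ls -la` output and the `master.cf` pipe arguments to show which identity `deliver` starts with and why the kernel refuses `setgid(70000)`. The function names are hypothetical, and treating the account named `root` as the only one able to switch ids is an assumption.

```python
import re

# Inputs copied from the post above: dovecot.log, `ls -la` output, master.cf pipe args.
LOG = ("Mar 12 00:41:53 deliver(rickf@example.com): Fatal: setgid(70000) failed "
       "with euid=65534(nobody), gid=65534(nobody), egid=65534(nobody): "
       "Operation not permitted")
LS = "-r-sr-x--- 1 nobody nogroup 841600 Mar 11 22:28 /usr/local/lib/dovecot/deliver"
PIPE = ("flags=DORhu user=nobody argv=/usr/local/lib/dovecot/deliver "
        "-f ${sender} -d ${user}@${nexthop} -n -m ${extension}")

FAIL_RE = re.compile(r"setgid\((\d+)\) failed with euid=(\d+)\((\w+)\), "
                     r"gid=(\d+)\(\w+\), egid=(\d+)\(\w+\)")

def parse_failure(line):
    """Extract the requested gid and the caller's ids from deliver's Fatal line."""
    m = FAIL_RE.search(line)
    if m is None:
        return None
    target, euid, euser, gid, egid = m.groups()
    return {"target_gid": int(target), "euid": int(euid), "euser": euser,
            "gid": int(gid), "egid": int(egid)}

def parse_ls(line):
    """Read owner, group and the setuid/setgid bits from one `ls -l` line."""
    mode, _links, owner, group = line.split()[:4]
    return {"owner": owner, "group": group,
            "setuid": mode[3] in "sS", "setgid": mode[6] in "sS"}

def pipe_user(args):
    """Return the user= value of a pipe(8) transport, without any :group part."""
    m = re.search(r"(?:^|\s)user=([^\s:]+)", args)
    return m.group(1) if m else None

def diagnose(log_line, ls_line, pipe_args):
    fail, binary = parse_failure(log_line), parse_ls(ls_line)
    # A setuid binary runs with its owner's euid whichever user pipe(8) starts it as.
    runs_as = binary["owner"] if binary["setuid"] else pipe_user(pipe_args)
    # Without euid 0 a process may only setgid() to a gid it already holds.
    denied = (fail is not None and fail["euid"] != 0
              and fail["target_gid"] not in (fail["gid"], fail["egid"]))
    # Assumption: only the account named "root" (uid 0) can switch to other ids.
    return {"runs_as": runs_as, "logged_as": fail and fail["euser"],
            "can_switch_ids": runs_as == "root", "kernel_denies_setgid": denied}

if __name__ == "__main__":
    for key, value in diagnose(LOG, LS, PIPE).items():
        print(f"{key}: {value}")
```

On the post's inputs all fields agree: `deliver` starts as `nobody` (both through `user=nobody` and through the setuid bit on a binary owned by `nobody`), so it has no privilege to take on the uid/gid 70000 that the userdb lookup returns.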