Dear Aaron/Paul,
These are further findings in my recent testing. This behavior can be
reproduced under the following conditions.
1. Message must be addressed to an alias with at least one external
forwards.
2. Message must contain at least one attachment (attachment less
messages are immune).
3. "EFFECTIVE_USER" must be anything other than "root", possibly with
default "nobody".
In my DBMail setup I use the following for Sendmail executable option
for forwards, replies, notifies, vacations.
/usr/local/Exim/bin/exim -C /usr/local/Exim/etc/exim-queue.conf
I have a feeling that at the following stage there must be something not
going right.
May 24 00:33:57 europa dbmail/lmtpd[31588]: Info:[delivery]
pipe.c,send_mail(+144): opening pipe to [/usr/local/Exim/bin/exim -C
/usr/local/Exim/etc/exim-queue.conf -f [EMAIL PROTECTED]
[EMAIL PROTECTED]
I have attached my dbmail.conf.
Best regards,
Lasantha.
Lasantha Marian wrote:
> Dear Aaron,
>
> No I have not trimmed any dbmail-lmtpd log lines. I have checked all
> logs in which I see "pipe closed" is available only in successflly
> delivered instances (mail.log.1).
>
> Lasantha.
>
> Aaron Stone wrote:
>> Did you trim anything off the end of mail.log.0? I'd like to see a
>> dbmail debug message that says 'pipe closed'. If there isn't one, then
>> for some reason dbmail must have crashed while writing to the pipe. That
>> doesn't really make sense to me; if the pipe was valid (and we do check
>> for that) there should have been a recognizable error.
>>
>> Aaron
>>
>> On Thu, 2007-05-24 at 16:33 +0530, Lasantha Marian wrote:
>>
>>> Dear Paul,
>>>
>>> After several testings, I have noticed that e-mail addresses with
>>> DBMail forwards cause this problem. Following forwarding address
>>> contains both local and external e-mail addresses.
>>>
>>> [EMAIL PROTECTED]
>>> |
>>> |[EMAIL PROTECTED]>11
>>> | |
>>> | |------------------------------>[EMAIL PROTECTED]
>>> |
>>> |[EMAIL PROTECTED]>[EMAIL PROTECTED]
>>> |
>>> |[EMAIL PROTECTED]>22
>>> |
>>> |[EMAIL PROTECTED]>33
>>> |
>>> |------------------------------>[EMAIL PROTECTED]
>>>
>>> But, this worked very fine in DBMail 2.0.10 setup. Further messages
>>> addressed to individual addresses/aliases (internal or external) works
>>> fine.
>>>
>>> As you requested I have attached a the dbmail-lmtpd level 5 logs in
>>> which cases the mail deliveries succeeded and failed.
>>>
>>> Attched file mail.log.0 is the attempt where "EFFECTIVE_USER = nobody"
>>> and delivery failed. Under the same setting a message addressed to an
>>> alias (without any DBMail forwards) gets delivered (in mail.log.2).
>>> The mail.log.1 is where "EFFECTIVE_USER = root" and delivery succeeds.
>>>
>>> Thanks in advance.
>>>
>>> Lasantha.
>>>
>>> Paul J Stevens wrote:
>>>
>>>> Please provide some logs from dbmail-lmtpd so we can get an idea why
>>>> dbmail is
>>>> hanging up. Exim logs don't tell us much.
>>>>
>>>> Lasantha Marian wrote:
>>>>
>>>>
>>>>> Dear Paul/Aaron,
>>>>>
>>>>> Some additional information that I missed last time and thought would be
>>>>> useful is, I ran previous setups on a Ubuntu 6.10-server and now running
>>>>> on Ubuntu 7.04-server.
>>>>>
>>>>> Any help on this is highly appreciated, please.
>>>>>
>>>>> Best regards.
>>>>>
>>>>> Lasantha.
>>>>>
>>>>> *-------- Original Message --------*
>>>>> *Subject: * What should be the EFFECTIVE_USER and it's privileges ?
>>>>> *Date: * Wed, 23/May/2007 8:39:12 PM +0550
>>>>> *From: * Lasantha Marian <[EMAIL PROTECTED]>
>>>>> *To: * DBMail mailinglist <[email protected]>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> Dear Paul/Aron,
>>>>>>
>>>>>> I am testing DBMail 2.2.5-rc3. My environment is DBMail
>>>>>> 2.2.5-rc3/PostgreSQL 8.2.4/Exim 4.67/MailScanner 4.59.4.
>>>>>>
>>>>>> I have faced the following situation with both DBMail 2.2.4 and
>>>>>> 2.2.5-rc2 too.
>>>>>>
>>>>>> When Exim tries to deliver a message to dbmail-lmtpd it refuses to
>>>>>> accept the message giving these errors when "EFFECTIVE_USER = nobody",
>>>>>> which is the recommended in DBMail documentation.
>>>>>>
>>>>>> May 23 09:39:55 europa exim[29651]: 1Hqr2T-0007gU-TX ==
>>>>>> [EMAIL PROTECTED] R=dbmailuser T=dbmail_lmtp_delivery defer (-53):
>>>>>> retry time not reached for any host
>>>>>>
>>>>>> May 23 10:13:15 europa exim[29924]: 1HqraQ-0007mZ-SP ==
>>>>>> [EMAIL PROTECTED] R=dbmailuser T=dbmail_lmtp_delivery defer (-18):
>>>>>> Remote host 127.0.0.1 [127.0.0.1] closed connection in response to end
>>>>>> of data
>>>>>>
>>>>>> But messages get delivered immediately without any errors if the same is
>>>>>> set to "EFFECTIVE_USER = root", which I do not think is aligning with
>>>>>> any good security practices.
>>>>>>
>>>>>> Could somebody shed light on this ? As to why this is happening. Am I
>>>>>> doing something wrong in DBMail setup ?
>>>>>>
>>>>>> Thanks and best regards,
>>>>>>
>>>>>> Lasantha.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>> _______________________________________________
>>>>> DBmail mailing list
>>>>> [email protected]
>>>>> https://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>>
# (c) 2000-2006 IC&S, The Netherlands
#
# Configuration file for DBMAIL
[DBMAIL]
#
# Database settings
#
#
# Supported drivers are mysql, pgsql, sqlite.
#
driver = pgsql
#
# Supported drivers are sql, ldap.
#
authdriver = sql
#
# Host for database, set to localhost if database is on
# the same host as dbmail and you want to use a local
# socket for connecting.
#
host = localhost
#
# If you want to use TCP/IP for connecting to the database,
# and have the database running on a non-standard port.
#
sqlport = 5432
#
# When using a local socket connection to the database, fill
# in the path to the socket here (e.g. /var/run/mysql.sock).
#
sqlsocket =
#
# Database username.
#
user = dbmail
#
# Database password.
#
pass = XXXXXXXXXXXX
#
# Database name.
#
db = mail_server_00
#
# Table prefix. Defaults to "dbmail_" if not specified.
#
table_prefix = dbmail_
#
# encoding must match the database/table encoding.
# i.e. latin1, utf8
encoding = utf8
#
# messages with unknown encoding will be assumed to have
# default_msg_encoding
# i.e. iso8859-1, utf8
default_msg_encoding = utf8
#
# Postmaster's email address for use in bounce messages.
#
#postmaster = DBMAIL-MAILER
#
# Sendmail executable for forwards, replies, notifies, vacations.
# You may use pipes (|) in this command, for example:
# dos2unix|/usr/sbin/sendmail works well with Qmail.
# You may use quotes (") for executables with unusual names.
#
#sendmail = /usr/sbin/sendmail
sendmail = /usr/local/Exim/bin/exim -C
/usr/local/Exim/etc/exim-queue.conf
#
#
# The following items can be overridden in the service-specific sections.
#
#
#
# Trace level to send to syslog. Default is 2 (messages, errors, fatals).
#
TRACE_SYSLOG = 3
#
# Trace level to send to stderr. Default is 0 (fatals).
#
TRACE_STDERR = 1
#
# Root privs are used to open a port, then privs
# are dropped down to the user/group specified here.
#
EFFECTIVE_USER = nobody
EFFECTIVE_GROUP = nogroup
#
# The IP addresses the services will bind to.
# Use * for all local interfaces.
# Use 127.0.0.1 for localhost only.
# Separate multiple entries with spaces ( ) or commas (,).
#
BINDIP = *
#
# Default number of child processes to start.
#
NCHILDREN = 2
#
# Maximum number of child processes allowed.
#
MAXCHILDREN = 10
#
# Unused children to always have availale.
#
MINSPARECHILDREN = 2
#
# Maximum unused children allowed to be active.
#
MAXSPARECHILDREN = 4
#
# Child process is restarted after handling this many connections.
#
MAXCONNECTS = 10000
#
# Child process will restart after this many connection errors.
#
MAX_ERRORS = 500
#
# Idle time allowed before a connection is shut off.
#
TIMEOUT = 300
#
# If yes, resolves IP addresses to DNS names when logging.
#
RESOLVE_IP = no
#
# logfile for stdout messages
#
logfile = /var/log/dbmail.log
#
# logfile for stderr messages
#
errorlog = /var/log/dbmail.err
#
# directory for storing PID files
#
pid_directory = /var/DBMail/run
#
# directory for storing the daemon statefiles
#
state_directory = /var/DBMail/run
#
# directory for locating libraries (normally has a sane default compiled-in)
#
#library_directory = /usr/lib/dbmail
[SMTP]
# In fact, there isn't anything here by default.
[LMTP]
#
# Port to bind to.
#
PORT = 24
TRACE_SYSLOG = 5
[POP]
#
# Port to bind to.
#
PORT = 110
#
# If yes, allows SMTP access from the host IP connecting by POP3.
# This requires addition configuration of your MTA
#
POP_BEFORE_SMTP = no
[IMAP]
#
# Port to bind to.
#
PORT = 143
#
# IMAP prefers a longer timeout than other services.
#
TIMEOUT = 4000
#
# If yes, allows SMTP access from the host IP connecting by IMAP.
# This requires addition configuration of your MTA
#
IMAP_BEFORE_SMTP = no
[SIEVE]
#
# Port to bind to.
#
PORT = 2000
[LDAP]
PORT = 389
VERSION = 3
HOSTNAME = ldap
BASE_DN = ou=People,dc=mydomain,dc=com
#
# If your LDAP library supports ldap_initialize(), then you can use the
# alternative LDAP server DSN like following.
#
# URI = ldap://127.0.0.1:389
# URI = ldapi://%2fvar%2frun%2fopenldap%2fldapi/
#
# Leave blank for anonymous bind.
# example: cn=admin,dc=mydomain,dc=com
#
BIND_DN =
#
# Leave blank for anonymous bind.
#
BIND_PW =
SCOPE = SubTree
USER_OBJECTCLASS = top,account,dbmailUser
FORW_OBJECTCLASS = top,account,dbmailForwardingAddress
CN_STRING = uid
FIELD_PASSWD = userPassword
FIELD_UID = uid
FIELD_NID = uidNumber
MIN_NID = 10000
MAX_NID = 15000
FIELD_CID = gidNumber
MIN_CID = 10000
MAX_CID = 15000
FIELD_MAIL = mail
FIELD_QUOTA = mailQuota
FIELD_FWDTARGET = mailForwardingAddress
[DELIVERY]
#
# Run Sieve scripts as messages are delivered.
#
SIEVE = yes
#
# Use '[EMAIL PROTECTED]' format to deliver to a mailbox.
#
SUBADDRESS = yes
#
# Turn on/off the Sieve Vacation extension.
#
SIEVE_VACATION = yes
#
# Turn on/off the Sieve Notify extension
#
SIEVE_NOTIFY = yes
#
# Turn on/off additional Sieve debugging.
#
SIEVE_DEBUG = no
#
# Use the auto_notify table to send email notifications.
#
AUTO_NOTIFY = no
#
# Use the auto_reply table to send away messages.
#
AUTO_REPLY = no
#
# Defaults to "NEW MAIL NOTIFICATION"
#
#AUTO_NOTIFY_SUBJECT =
#
# Defaults to POSTMASTER from the DBMAIL section.
#
#AUTO_NOTIFY_SENDER =
# end of configuration file
_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail
