-----Original Message-----
From: Ben Morrow
Sent: Monday, December 31, 2012 8:52 PM
To: Dovecot Mailing List
Subject: Re: [Dovecot] From Sendmail to Dovecot mdbox, what is missing.

At 5PM -0600 on 31/12/12 you (Torpey List) wrote:
>> Sendmail 8.14.4
>> dovecot 2.0.9
>>
>> I have sendmail working and it is sending mail to /var/mail/%u.
>> I have dovecot working in that I can move emails into IMAP folders and
>> I can send email through IMAP. I have set up dovecot to use mdbox
>> based on the following:
>> mail_location = mdbox:~/mail
>>
>> However, I seem to be lacking a key piece of information.
>> Sendmail is sending the mail to /var/mail/%u as a mbox (single file
>> for all emails) format.
>> Dovecot wants to read the mail in mdbox (Multiple messages per file,
>> but unlike mbox multiple files per mailbox.) So the two programs are
>> not working together.
>>
>> So, I cannot get dovecot to read new emails at /var/mail/%u.
>> So I tried changing to the following:
>> mail_location = mdbox:~/mail:INBOX=/var/mail/%u
>> However, dovecot complains that it is NOT a directory. That is
>> because sendmail is sending as mbox format.
>>
>> I have tried two lines of “mail_location” but that did not work.
>> example
>> mail_location = mdbox:~/mail ----> for dovecot
>> mail_location = mbox:INBOX=/var/mail/%u -----> for sendmail
>
>No, that doesn't work: in fact, the second line will completely override
>the first. If you run 'doveconf -n' or 'doveconf mail_location' you will
>see that the first line doesn't have any effect.
>

I did not expect it to work, but I was trying all that I could before posting a question.

>If you want to keep INBOX delivery to mboxes in /var/mail, you can do
>this using two namespaces. One points to mdbox:~/mail, and holds the
>users' ordinary IMAP folders in mdbox format, and the other has
>INBOX=/var/mail/%u and just holds the INBOX. There is an example in
>http://wiki2.dovecot.org/Namespaces of doing this with Maildir and mbox;
>adjusting it for mdbox shouldn't be hard.
>
>You will find you need a directory for each user to hold the other
>folders in the INBOX namespace, since Dovecot doesn't know there won't
>ever be any. This directory is also used to store Dovecot's index files
>for that namespace, and it should *not* be the same as the mdbox
>directory. According to http://wiki2.dovecot.org/MailLocation/mbox , you
>can skip this if you use
>
> location = mbox:/var/empty:INBOX=/var/mail/%u:INDEX=MEMORY
>
>(assuming /var/empty is a readonly root-owned empty directory), but
>since this tells Dovecot not to store index files on disk it may make
>INBOX access less efficient. If you use a real directory rather than
>/var/empty you may want to consider enabling the acl plugin and setting
>up a global ACL which prevents users from creating additional folders in
>the INBOX namespace.
>
>It's probably also a good idea to set mail_location = mdbox:~/mail and
>omit the location parameter from the mdbox namespace, since IIRC
>otherwise commands like 'doveadm purge' won't work correctly.
>

I am going to try an option below.

>> I have tried LMTP and dovecot-lda.
>
>If you want to deliver mail into the mdbox INBOX, and forget about
>/var/mail altogether, you will need to get one of these two working
>since Sendmail doesn't understand mdbox. This is probably the best
>option in the long run, unless you have other software which relies on
>mail being in /var/mail. If you pick this option you need to remove all
>references to /var/mail from dovecot.conf; with the two lines you had
>above Dovecot will simply carry on delivering into /var/mail just as
>Sendmail had been.
>

I would like to deliver new mail into the mdbox INBOX and forget about /var/mail but I did not see how to do this. I think that was the piece of information that I am missing.

>> LMTP – I could not see any difference with this added or not.
>
>If you had configured Dovecot to deliver into /var/mail, that's hardly
>surprising. Otherwise, are you sure you were delivering mail to the LMTP
>server? If you were you should have seen entries in Dovecot's log file,
>and the delivered mail should have ended up with a Received header from
>the LMTP server.
>

I have used egrep and there is no line that has /var/mail that is uncommented in any of the config files. Based on your comment, then no I do not believe the new mail was going through LMTP.

>> Dovecot-lda – I have had issues getting it configured.
>
>What issues? If you were trying to get the LDA to deliver to /var/mail,
>it's possible you were running into permissions problems. The best
>solution is to deliver into the mdbox instead, or just leave Sendmail to
>deliver to /var/mail.
>
>> Sendmail changes
>> FEATURE(`local_procmail',
>> `/usr/libexec/dovecot/dovecot-lda',`/usr/libexec/dovecot/dovecot-lda
>> -d $u')
>> MODIFY_MAILER_FLAGS(`LOCAL', `-f')
>> MAILER(procmail)dnl
>
>I know nothing at all about Sendmail configuration, but going by the
>Dovecot wiki that looks correct. Are you sure mail for the appropriate
>users was actually getting routed through that mailer? What did you see
>in the logs (you need to check both Dovecot's and Sendmail's logs,
>wherever they may be).
>
>Ben

Thanks for the information.

The email is not being delivered by LMTP because there are no logs. The most documentation that I have found is using dovecot-lda, but as you said there are permissions issues. The wiki implied that LMTP is the best solution but I am not understanding enough to get it set up.

Therefore, I am attempting to stick with dovecot-lda *using sudo* from the dovecot-lda wiki page. The wiki said to put /usr/bin/sudo in front of path/dovecot-lda but did not say which one or both. I could not get it to work.

The option that has gone the furthest is *Making dovecot-lda setuid-root*. However, I have errors.

Here are the permissions.
-rwxr-xr-x. 1 root secmail 26512 Aug 18 2011 /usr/libexec/dovecot/dovecot-lda
srw-------. 1 mail root 0 Jan 1 08:39 /var/run/dovecot/auth-userdb

Errors.....
==> /var/log/maillog <==
Jan 1 08:24:02 nala sendmail[20154]: r01EO2qc020154: from=<[email protected]>, size=5723, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA, relay=mail.example.com [192.168.1.152]
Jan 01 08:24:02 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=0(root) egid=0(root) missing +r perm: /var/run/dovecot/auth-userdb, euid is dir owner)
Jan 01 08:24:02 lda: Fatal: Internal error occurred. Refer to server log for more information.
Jan 1 08:24:02 nala sendmail[20155]: r01EO2qc020154: [email protected], delay=00:00:00, xdelay=00:00:00, mailer=local, pri=35889, dsn=4.0.0, stat=Deferred: local mailer (/usr/libexec/dovecot/dovecot-lda) exited with EX_TEMPFAIL

==> /var/log/messages <==
Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:42): avc: denied { dac_override } for pid=20156 comm="dovecot-lda" capability=1 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability
Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:43): avc: denied { dac_override } for pid=20156 comm="dovecot-lda" capability=1 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability
Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:44): avc: denied { dac_read_search } for pid=20156 comm="dovecot-lda" capability=2 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability

So, the error appears to be related to /var/run/dovecot/auth-userdb. I have made various permission and owner changes; however, restarting dovecot always returns it to the permissions above. So, even if I find a combination that works, dovecot is going to put it back.

Thanks for any help,
Steve
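
Added example, not part of the original message and not Dovecot code: a short Python triage of the log lines in this message. It pairs the lda "Permission denied" error for euid 0 with the SELinux AVC denials; root only bypasses file mode bits through CAP_DAC_OVERRIDE, so with that capability denied a 0600 socket owned by mail stays closed to root. The function names and the SAMPLE string (three log lines copied from the post) are this example's own.

```python
import re
from collections import defaultdict

# Sample input: the lda error and two of the three AVC records from the post,
# embedded here so the example runs offline.
SAMPLE = """\
Jan 01 08:24:02 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=0(root) egid=0(root) missing +r perm: /var/run/dovecot/auth-userdb, euid is dir owner)
Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:42): avc: denied { dac_override } for pid=20156 comm="dovecot-lda" capability=1 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability
Jan 1 08:24:02 nala kernel: type=1400 audit(1357050242.947:44): avc: denied { dac_read_search } for pid=20156 comm="dovecot-lda" capability=2 scontext=unconfined_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:system_r:dovecot_deliver_t:s0 tclass=capability
"""

AVC = re.compile(
    r'avc:\s+denied\s+\{ (?P<perms>[^}]+) \}.*?comm="(?P<comm>[^"]+)"'
    r'.*?scontext=(?P<scontext>\S+) tcontext=\S+ tclass=(?P<tclass>\S+)')
LDA_ERR = re.compile(
    r'lda: Error: .*connect\((?P<path>[^)]+)\) failed: '
    r'Permission denied \(euid=(?P<euid>\d+)')

def domain(ctx):
    # An SELinux context is user:role:type:level; the type is the process domain.
    return ctx.split(":")[2]

def summarize(text):
    denials = defaultdict(set)   # (comm, domain, tclass) -> denied permissions
    root_eacces = []             # paths that refused a connect() made as euid 0
    for line in text.splitlines():
        m = AVC.search(line)
        if m:
            key = (m["comm"], domain(m["scontext"]), m["tclass"])
            denials[key].update(m["perms"].split())
            continue
        m = LDA_ERR.search(line)
        if m and m["euid"] == "0":
            root_eacces.append(m["path"])
    return dict(denials), root_eacces

def explains_root_eacces(denials, root_eacces):
    # True when a dac_override capability denial accompanies a root EACCES:
    # the mode bits on the socket then apply to root like to any other user.
    blocked = any(tclass == "capability" and "dac_override" in perms
                  for (_, _, tclass), perms in denials.items())
    return blocked and bool(root_eacces)

if __name__ == "__main__":
    d, paths = summarize(SAMPLE)
    print(d, paths, explains_root_eacces(d, paths))
```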
