Thanks you very much Viktor and Peter for your prompt and helpful replies.
I did not realize that the private/lmtp created a conflict with a Postfix
listener of the same name. I have changed the name to dovecot-lmtp in both my
Dovecot and my Postfix configuration.
You are also both correct that there is no need for a TCP socket, since Postfix
and Dovecot both run on the same workstation, and that in fact having a TCP
socket is a security weakness. I have removed the listener on port 24.
So, I updated my configuration to that recommended below by Peter.
Now I am getting different error messages:
2025-03-31T21:12:40.600768-07:00 Pluto postfix/local[5485]: F1FF52B407F4:
passing <he...@pluto.wiskit.com> to transport=lmtp
2025-03-31T21:12:40.633307-07:00 Pluto postfix/lmtp[5486]: 540C42B4125B:
to=<he...@pluto.wiskit.com>, relay=pluto.wiskit.com[private/dovecot-lmtp],
conn_use=2, delay=87874, delays=87874/0.14/0/0.07, dsn=4.3.0, status=deferred
(host pluto.wiskit.com[private/dovecot-lmtp] said: 451 4.3.0
<he...@pluto.wiskit.com> Temporary internal error (in reply to RCPT TO command))
My lmtp raw logging shows that Postfix is sending the following data to Dovecot:
1743480760.501086 LHLO pluto.wiskit.com
1743480760.501222 MAIL FROM:<he...@pluto.wiskit.com> BODY=8BITMIME
1743480760.501222 RCPT TO:<he...@pluto.wiskit.com>
Dovecot is responding with:
1743480760.500985 220 Pluto Dovecot (Ubuntu) ready.
1743480760.501116 250-Pluto
1743480760.501116 250-8BITMIME
1743480760.501116 250-CHUNKING
1743480760.501116 250-ENHANCEDSTATUSCODES
1743480760.501116 250-PIPELINING
1743480760.501116 250 STARTTLS
1743480760.501250 250 2.1.0 OK
1743480760.501855 451 4.3.0 <he...@pluto.wiskit.com> Temporary internal error
1743480760.501875 503 5.5.0 No valid recipients
I believe that Postfix should be sending rcpt to:<herbw> rather than rcpt
to:<he...@pluto.wiskit.com>. However, I don't know why Postfix is sending the
incorrect command, or how to fix it. Thank you for any further assistance you
can provide.
Herb
> On Mar 31, 2025, at 6:31 PM, Viktor Dukhovni via Postfix-users
> <postfix-users@postfix.org> wrote:
>
> There's your mistake! You MUST NOT put the LMTP server listener
> socket in the Postfix "private" directory, at least NOT under
> that name. This collides with the listener socket of the
> Postfix "lmtp" delivery agent!
>
> Given you're exposing the service on port 24 on external addresses,
> there's no reaso to go out of your way to protect the Dovecot LMTP
> server socket by making it 0600, and hiding it in
> /var/spool/postfix/private.
>
> --
> Viktor.
> On Mar 31, 2025, at 8:10 PM, Peter via Postfix-users
> <postfix-users@postfix.org> wrote:
>
> You likely don't want lmtp listening for public connections and you probably
> don't need it listening via IMAP at all. Also I would recommend a higher
> port number if you use this at all, like 10024.
>
> As pointed out by Viktor, you can't use lmtp as the socket name here because
> that's already taken by postfix's lmtp service.
>
>> The following is an exceprt of my Postfix configuration:
>> virtual_transport = lmtp:unix:private/lmtp
>> mailbox_transport = lmtp:unix:private/lmtp
>
> You're using a unix socket here so there's no nbeed for lmtp to listen on an
> inet socket (above).
>
> This is the relevant config that I have which works just fine for me:
>
> Dovecot:
>
> protocols = lmtp imap pop3
> service lmtp {
> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> group = postfix
> mode = 0600
> user = postfix
> }
> }
> protocol lmtp {
> mail_plugins = quota sieve
> postmaster_address = postmas...@example.com
> }
>
> Postfix:
> virtual_transport = lmtp:unix:private/dovecot-lmtp
>
> (I don't use lmtp for local delivery, but if you do then use a
> mailbox_transport line as well).
>
> Peter
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
