Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-05 Thread Edgar Pettijohn


> On Jul 5, 2016, at 8:36 PM, C. Andrews Lavarre  wrote:
> 
> Hello all. Thanks to Edgar for the below, but we still have a
> curiosity:
>> On Sun, 2016-07-03 at 17:31 -0500, Edgar Pettijohn wrote:
>>> On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
>>>> On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
>>>>> doveconf -n would be helpful
>> Double check me, but I think you only want (1) passdb {} block.
>> ...
>> Same here (userdb {)
> Agree on both, thank you. There are a huge number of files expressing
> passdb { and userdb { but most are commented out.
> The undesirables were from conf.d/auth-system.conf.ext that I have now
> entirely commented out, since we are not using system users.
> 
>> (and make sure driver = "passdb driver".
> 
> Presumably this means in auth-passwd-file.conf.ext:
>>> userdb {
>>>   driver = passdb driver
> This was commented out.
> I changed it as you say, but it doesn't like it:
>auth: Fatal: Unknown userdb driver 'passdb driver'
> 
> so I changed it back to
> 
>driver = passwd-file
> 
Just meant to use the correct driver.


> Now we have no dovecot.log errors, except:
>The reported error was "IMAP server said BYE: Disconnected:
> Auth process broken

Make sure your passdb and userdb are formatted correctly and can be found where 
you are telling dovecot they are. Also make sure dovecot was compiled with 
passwd-file as an option. I think it is unless specifically removed, but double 
check.

> Tomorrow is another day. 
> I attach the 
> lavarre:/etc/dovecot # doveconf -n >lavarre-160705_conf.txt
> 
> 
> Thank you again.
> Kind regards, Andy
> 


Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-05 Thread C. Andrews Lavarre
Hello all. Thanks to Edgar for the below, but we still have a
curiosity:
On Sun, 2016-07-03 at 17:31 -0500, Edgar Pettijohn wrote:
> On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
> > On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> > > doveconf -n would be helpful
> Double check me, but I think you only want (1) passdb {} block.
> ...
> Same here (userdb {)
Agree on both, thank you. There are a huge number of files expressing
passdb { and userdb { but most are commented out.
The undesirables were from conf.d/auth-system.conf.ext that I have now
entirely commented out, since we are not using system users.

> (and make sure driver = "passdb driver".
> 

Presumably this means in auth-passwd-file.conf.ext:
>   > userdb {
>   >   driver = passdb driver
This was commented out.
I changed it as you say, but it doesn't like it:
auth: Fatal: Unknown userdb driver 'passdb driver'

so I changed it back to

driver = passwd-file

Now we have no dovecot.log errors, except:
The reported error was "IMAP server said BYE: Disconnected:
Auth process broken
Tomorrow is another day. 
I attach the 
lavarre:/etc/dovecot # doveconf -n >lavarre-160705_conf.txt


Thank you again.
Kind regards, Andy
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_after = /var/mail/vmail/sieve-after
  sieve_before = /var/mail/vmail/sieve-before
  sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service pop3-login {
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl = required
ssl_ca =  was automatically rejected:%n%r
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_max_userip_connections = 10
}


Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-03 Thread Edgar Pettijohn
On 16-07-03 18:17:48, C. Andrews Lavarre wrote:
> On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> > doveconf -n would be helpful
> Thank you:
> lavarre:/var/mail/vhosts/privustech.com # doveconf -n
> # 2.2.18: /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.8 (0c4ae064f307+)
> # OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
> auth_mechanisms = plain login
> auth_verbose = yes
> listen = *
> log_path = /var/log/dovecot.log
> mail_debug = yes
> mail_location = maildir:/var/mail/vhosts/%d/%n
> maildir_very_dirty_syncs = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
> namespace inbox {
>   inbox = yes
>   location = 
>   mailbox Drafts {
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     special_use = \Trash
>   }
>   prefix = 
> }
> passdb {
>   driver = pam
> }
> passdb {
>   args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
>   driver = passwd-file
> }

Double check me, but I think you only want (1) passdb {} block.

> 
> plugin {
>   sieve = ~/.dovecot.sieve
>   sieve_after = /var/mail/vmail/sieve-after
>   sieve_before = /var/mail/vmail/sieve-before
>   sieve_dir = ~/sieve
> }
> protocols = imap pop3 sieve
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
> }
> service imap-login {
>   inet_listener imaps {
>     port = 993
>     ssl = yes
>   }
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> service pop3-login {
>   inet_listener pop3s {
>     port = 995
>     ssl = yes
>   }
> }
> ssl = required
> ssl_ca =  
> ssl_cert =  
> ssl_dh_parameters_length = 2048
> ssl_key =  
> ssl_options = no_compression
> ssl_prefer_server_ciphers = yes
> userdb {
>   driver = passwd
> }
> userdb {
>   args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
>   driver = static
> }

Same here and make sure driver = "passdb driver".

> 
> verbose_ssl = yes
> protocol lda {
>   deliver_log_format = msgid=%m: %$
>   mail_plugins = sieve
>   postmaster_address = postmas...@privustech.com
>   quota_full_tempfail = yes
>   rejection_reason = Your message to <%t> was automatically rejected:%n%r
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
>   mail_max_userip_connections = 10
> }
I also noticed your certificate chain is broken.

http://wiki2.dovecot.org/TestInstallation

-- 
Edgar Pettijohn
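
Added example, not part of the thread or of Dovecot: a short Python check for the point Edgar raises above about duplicate `passdb {}` / `userdb {}` blocks. It parses `doveconf -n` text, lists the drivers in the order Dovecot tries them, and flags system-account drivers; `SAMPLE`, `auth_blocks` and `review` are names made up for this sketch, and the sample is a constructed excerpt of the output quoted in the thread.

```python
# Constructed sample: the auth-related part of the `doveconf -n` output
# quoted in the thread (all other settings omitted).
SAMPLE = """\
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
}
passdb {
  driver = pam
}
passdb {
  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
  driver = passwd-file
}
userdb {
  driver = passwd
}
userdb {
  args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
  driver = static
}
"""

AUTH_SECTIONS = ("passdb", "userdb")
SYSTEM_DRIVERS = {"pam", "passwd", "shadow"}  # these look up OS accounts, not virtual users


def auth_blocks(conf_text):
    """Return [(section, settings), ...] for top-level passdb/userdb blocks, in file order."""
    blocks, stack = [], []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("{"):
            words = line[:-1].split()
            stack.append(words[0] if words else "")
            if len(stack) == 1 and stack[0] in AUTH_SECTIONS:
                blocks.append((stack[0], {}))
        elif line == "}":
            if stack:
                stack.pop()
        elif len(stack) == 1 and stack[0] in AUTH_SECTIONS and "=" in line:
            key, _, value = line.partition("=")  # split on the first '=' only
            blocks[-1][1][key.strip()] = value.strip()
    return blocks


def review(conf_text):
    """Map each section to its drivers in lookup order and the system drivers among them."""
    blocks = auth_blocks(conf_text)
    report = {}
    for section in AUTH_SECTIONS:
        drivers = [s.get("driver", "") for name, s in blocks if name == section]
        report[section] = {"drivers": drivers,
                           "system": [d for d in drivers if d in SYSTEM_DRIVERS]}
    return report


if __name__ == "__main__":
    for section, info in review(SAMPLE).items():
        print(section, "order:", info["drivers"], "system-account drivers:", info["system"])
```

With virtual users only, the `pam` entry listed first is the one that logs `pam(...): unknown user` before the passwd-file lookup runs.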


Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-03 Thread C. Andrews Lavarre
Edgar hello. Thanks again.
Not sure of the protocol. Perhaps better to keep the entire thread
complete, so here again is doveconf -n with the precedents:
lavarre:/var/mail/vhosts/privustech.com # doveconf -n
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_mechanisms = plain login
auth_verbose = yes
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
passdb {
  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_after = /var/mail/vmail/sieve-after
  sieve_before = /var/mail/vmail/sieve-before
  sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service pop3-login {
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl = required
ssl_ca =  was automatically
rejected:%n%r
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_max_userip_connections = 10
}


On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> On 16-07-03 16:44:42, C. Andrews Lavarre wrote:
> > Hello all. Have spent several days following the excellent tutorial:
> > 
> > http://www.binarytides.com/install-postfix-dovecot-debian/
> > 
> > but still fail to have the user recognized and am getting log entries
> > that the mail directories are 0755 when I can clearly see that they are
> > 0774.
> > 
> > Very puzzling, any help would be deeply appreciated.
> > 
> > Best regards, Andy
> > === Details ===
> > • I can add directories under IMAP, so my IMAP login and permissions
> > must be correct.
> > 
> > • I can create an outgoing message under IMAP, but clicking SEND just
> > hangs. Logs do not indicate problem.
> > 
> > • I clearly can send it a message with smtp. The message is delivered
> > to postfix, but then dovecot fails to deliver it to a mailbox.
> >  Log Entries --
> > ---
> > ---
> > # tail /var/log/mail
> > postfix/qmgr[16390]: 9D6E8C1A77: from=<alava...@gmail.com>,
> > size=2794, nrcpt=1 (queue active)
> > Message has been received
> > 
> > postfix/lmtp[16770]: C218DC197D: to=<alava...@privustech.com>,
> > relay=mail.privustech.com[private/lmtp], delay=2560,
> > delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with
> > mail.privustech.com[private/lmtp] timed out while receiving the initial
> > server greeting)
> > lmtp is not working
> > 
> > 
> > # tail /var/log/dovecot.log
> > 
> > auth-worker(16612): Info:
> > pam(alava...@privustech.com,98.179.190.111): unknown user
> 
> This could be a problem. 
> 
> > 
> > imap-login: Info: Login: user=,
> > method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS,
> > session= 
> > 
> > imap(alava...@privustech.com): Error:
> > mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission
> > denied (euid=5000(vmail) egid=5000(vmail) missing +w perm:
> > /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755)
> > However, the mail directory /var/mail/vhosts/privustech.com/alavarre is
> >  -rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot.
> > 
>   
> I'm guessing vmail can't +w somewhere along the path of
> /var/mail/vhosts/etc...
> 
> > =
> > System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL
> > authentication, connecting through a Unix socket:
> > /etc/postfix/main.cf:
> > virtual_transport = lmtp:unix:private/lmtp
> > 
> > 

Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-03 Thread C. Andrews Lavarre
On Sun, 2016-07-03 at 15:56 -0500, Edgar Pettijohn wrote:
> doveconf -n would be helpful
Thank you:
lavarre:/var/mail/vhosts/privustech.com # doveconf -n
# 2.2.18: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.8 (0c4ae064f307+)
# OS: Linux 4.1.26-21-default x86_64 openSUSE 42.1 (x86_64) ext4
auth_mechanisms = plain login
auth_verbose = yes
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:/var/mail/vhosts/%d/%n
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
passdb {
  args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_after = /var/mail/vmail/sieve-after
  sieve_before = /var/mail/vmail/sieve-before
  sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service pop3-login {
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl = required
ssl_ca =  was automatically
rejected:%n%r
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_max_userip_connections = 10
}


Re: Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-03 Thread Edgar Pettijohn
On 16-07-03 16:44:42, C. Andrews Lavarre wrote:
> Hello all. Have spent several days following the excellent tutorial:
> 
> http://www.binarytides.com/install-postfix-dovecot-debian/
> 
> but still fail to have the user recognized and am getting log entries
> that the mail directories are 0755 when I can clearly see that they are
> 0774.
> 
> Very puzzling, any help would be deeply appreciated.
> 
> Best regards, Andy
> === Details ===
> • I can add directories under IMAP, so my IMAP login and permissions
> must be correct.
> 
> • I can create an outgoing message under IMAP, but clicking SEND just
> hangs. Logs do not indicate problem.
> 
> • I clearly can send it a message with smtp. The message is delivered
> to postfix, but then dovecot fails to deliver it to a mailbox.
>    Log Entries -
> ---
>   # tail /var/log/mail 
>   postfix/qmgr[16390]: 9D6E8C1A77: from=,
> size=2794, nrcpt=1 (queue active)
>   Message has been received 
> 
>   postfix/lmtp[16770]: C218DC197D: to=,
> relay=mail.privustech.com[private/lmtp], delay=2560,
> delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with
> mail.privustech.com[private/lmtp] timed out while receiving the initial
> server greeting)
>   lmtp is not working
>   
>   
>   # tail /var/log/dovecot.log 
> 
>   auth-worker(16612): Info:
> pam(alava...@privustech.com,98.179.190.111): unknown user 

This could be a problem. 

> 
>   imap-login: Info: Login: user=,
> method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS,
> session= 
> 
>   imap(alava...@privustech.com): Error:
> mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission
> denied (euid=5000(vmail) egid=5000(vmail) missing +w perm:
> /var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755) 
> However, the mail directory /var/mail/vhosts/privustech.com/alavarre is
>-rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot.
>
  
I'm guessing vmail can't +w somewhere along the path of /var/mail/vhosts/etc...

> =
> System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL 
> authentication, connecting through a Unix socket:
>   /etc/postfix/main.cf:
>   virtual_transport = lmtp:unix:private/lmtp
>   
>   /etc/dovecot/conf.d/10-master.cf:   service lmtp {
> unix_listener /var/spool/postfix/private/lmtp {
>   mode = 0600
>   user = postfix
>   group = postfix
> 
> }
> The lmtp socket is owned by postfix, while the mail system is owned by vmail, 
> per the tutorial.
> 
> --
> 
> I am using virtual users (not system users) defined in 
> /etc/dovecot/dovecot-users:
>   alava...@privustech.com:{plain}ksaj;flkasjd;ds;f
>   
> Thanks in advance, Andy

doveconf -n would be helpful
-- 
Edgar Pettijohn
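
Added example, not part of the thread: a Python walk of the mail path that applies Edgar's guess above, checking each directory's owner and mode bits for the uid/gid Dovecot runs as (5000:5000 in the log line). `audit_path` and its parameters are hypothetical names, the demo tree is constructed in a temp directory, and ACLs and root's override are not modelled.

```python
import os
import stat
import tempfile


def audit_path(target, uid, gids, start="/"):
    """Check every directory from `start` down to `target` for one identity.

    Ancestors need search (x); `target` also needs write (w), because the
    failing call in the log is mkdir() inside it. Classic mode bits only.
    Returns [(path, "owner_uid:owner_gid", "mode", "missing ..."), ...].
    """
    start, target = os.path.realpath(start), os.path.realpath(target)
    rel = os.path.relpath(target, start)
    parts = [] if rel == "." else rel.split(os.sep)
    if ".." in parts:
        raise ValueError(f"{target} is not under {start}")
    chain = [start]
    for part in parts:
        chain.append(os.path.join(chain[-1], part))

    problems = []
    for path in chain:
        st = os.stat(path)
        owner = f"{st.st_uid}:{st.st_gid}"
        mode = format(stat.S_IMODE(st.st_mode), "04o")
        if not stat.S_ISDIR(st.st_mode):
            problems.append((path, owner, mode, "not a directory"))
            break
        # The kernel applies exactly one class: owner, else group, else other.
        if st.st_uid == uid:
            bits = st.st_mode >> 6
        elif st.st_gid in gids:
            bits = st.st_mode >> 3
        else:
            bits = st.st_mode
        need = 0o3 if path == target else 0o1  # w+x on the target, x on ancestors
        missing = need & ~bits
        if missing:
            flags = "".join(f for m, f in ((2, "w"), (1, "x")) if missing & m)
            problems.append((path, owner, mode, "missing " + flags))
    return problems


if __name__ == "__main__":
    # Constructed tree standing in for /var/mail/vhosts/<domain>/<user>.
    base = tempfile.mkdtemp()
    maildir = os.path.join(base, "vhosts", "example.test", "user")
    os.makedirs(maildir)
    for d in (base, os.path.dirname(os.path.dirname(maildir)),
              os.path.dirname(maildir), maildir):
        os.chmod(d, 0o755)
    # 5000:5000 is vmail in the thread's log; here it only needs to differ from the owner.
    for row in audit_path(maildir, 5000, {5000}, start=base):
        print(*row)
```

On the mail server the call would be `audit_path("/var/mail/vhosts/privustech.com/alavarre", 5000, {5000})`; the owner and mode it reports come from stat() on the directory itself, which is what Dovecot prints in its error.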


Postfix/dovecot: user unrecognized, file permissions being misread

2016-07-03 Thread C. Andrews Lavarre
Hello all. Have spent several days following the excellent tutorial:

http://www.binarytides.com/install-postfix-dovecot-debian/

but still fail to have the user recognized and am getting log entries
that the mail directories are 0755 when I can clearly see that they are
0774.

Very puzzling, any help would be deeply appreciated.

Best regards, Andy
=== Details ===
• I can add directories under IMAP, so my IMAP login and permissions
must be correct.

• I can create an outgoing message under IMAP, but clicking SEND just
hangs. Logs do not indicate problem.

• I clearly can send it a message with smtp. The message is delivered
to postfix, but then dovecot fails to deliver it to a mailbox.
 Log Entries -
---
# tail /var/log/mail 
postfix/qmgr[16390]: 9D6E8C1A77: from=,
size=2794, nrcpt=1 (queue active)
Message has been received 

postfix/lmtp[16770]: C218DC197D: to=,
relay=mail.privustech.com[private/lmtp], delay=2560,
delays=2260/0.01/300/0, dsn=4.4.2, status=deferred (conversation with
mail.privustech.com[private/lmtp] timed out while receiving the initial
server greeting)
lmtp is not working


# tail /var/log/dovecot.log 

auth-worker(16612): Info:
pam(alava...@privustech.com,98.179.190.111): unknown user 

imap-login: Info: Login: user=,
method=PLAIN, rip=98.179.190.111, lip=70.186.159.22, mpid=16615, TLS,
session= 

imap(alava...@privustech.com): Error:
mkdir(/var/mail/vhosts/privustech.com/alavarre/cur) failed: Permission
denied (euid=5000(vmail) egid=5000(vmail) missing +w perm:
/var/mail/vhosts/privustech.com/alavarre, dir owned by 0:0 mode=0755) 
However, the mail directory /var/mail/vhosts/privustech.com/alavarre is
 -rwxrwxr-- vmail:vmail and I have restarted both postfix and dovecot.

=
System is openSUSE Leap 42.1 (64). postfix and dovecot with SASL 
authentication, connecting through a Unix socket:
/etc/postfix/main.cf:
virtual_transport = lmtp:unix:private/lmtp

/etc/dovecot/conf.d/10-master.cf:   service lmtp {
  unix_listener /var/spool/postfix/private/lmtp {
mode = 0600
user = postfix
group = postfix

  }
The lmtp socket is owned by postfix, while the mail system is owned by vmail, 
per the tutorial.

--

I am using virtual users (not system users) defined in 
/etc/dovecot/dovecot-users:
alava...@privustech.com:{plain}ksaj;flkasjd;ds;f

Thanks in advance, Andy