
Warnings on postfix startup


Ralf Hildebrandt

Nov 1, 2002, 12:46:36 AM
On Thu, Oct 31, 2002 at 11:13:30PM +0100, Georg Gretz wrote:

> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by postfix: /var/spool/postfix/saved
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/openldap
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/openldap/ldap.conf
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/pam.d
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/pam.d/chfn
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/pam.d/chsh
> Oct 31 21:19:35 p15107547 postfix/postfix-script: warning: not owned by root: /var/spool/postfix/etc/pam.d/imap

These are copies from /etc/*. Run the LINUX2 script (which sets up the
chroot() jail on Linux) and run "postfix check" again.

--
Ralf Hildebrandt Ralf.Hil...@charite.de
Postfix Tips: http://www.arschkrebs.de/postfix/ Tel. +49 (0)30-450 570-155
My other computer is your windows box.
-
To unsubscribe, send mail to majo...@postfix.org with content
(not subject): unsubscribe postfix-users

Georg Gretz

Nov 1, 2002, 5:12:46 AM
Hello Ralf,

I've run the script, but it didn't help. I've copied the files that differ by hand, but the "not owned by root" warning is still there. Do I have to "chown root" them all? I've set no daemon to be run chrooted in my master.cf, do I have to change something there?

I have here about 7 howtos to set up postfix as mail server, but not one of them is working right on my system. Do you know any howto/faq that can be used by a real newbie?

Thanks,

Georg

Ralf Hildebrandt

Nov 1, 2002, 5:47:16 AM
On Fri, Nov 01, 2002 at 11:12:01AM +0100, Georg Gretz wrote:
> Hello Ralf,
>
> I've run the script, but it didn't help. I've copied the files that
> differ by hand, but the "not owned by root" warning is still there.

Make those files owned by root (the originals!). Whom do they belong
to anyway?

> Do I have to "chown root" them all? I've set no daemon to be run
> chrooted in my master.cf, do I have to change something there?

No.

> I have here about 7 howtos to set up postfix as mail server, but not
> one of them is working right on my system. Do you know any howto/faq
> that can be used by a real newbie?

Hey, what you see are just warnings.

There is no Darkness in Eternity, only Light too dim for us to see
(Unless you're working with NT)

Georg Gretz

Nov 1, 2002, 2:51:44 PM
Hello Simon,

I'm trying to set up a mailing service for our customers, the management of the users has to work over a mysql db, so I don't have to add each mail user as system user. The server is a dedicated machine with a permanent internet connection, running with Suse 7.2.

- The server has to receive mail from internet and sort it into the mailboxes. The assignment email-address <-> pop-box has to be managed thru a mysql db. Postfix has to search for the particular address in the db and put the mail into the pop-box.

- As POP/IMAP server I would like to set up Courier IMAP for authentication and serving mails to the user.

- Also Postfix has to act as a SMTP server to our customers. They have to authenticate over SMTP-Auth with the same username and password like on the IMAP server.

I've already read the Postfix/CourierIMAP/MySQL howto, but I am a newbie on Linux (I'm usually a coder ;) so the howto was not "simple" enough :-)

My questions:

- Do I have to use SASL/PAM_mysql for SMTP auth? Or is there a simpler way to authenticate users?
- Which directives do I have to use for mapping address <-> pop-box?
- What is the difference between local and virtual transport? Only the ability to read the local mails direct on the machine without a POP/IMAP server?
- We have multiple domains, which our customers can choose from to create their mail accounts. Also the customers should be able to register domain names by themselves and create mail accounts under their domain. Does every domain have to be added to the main.cf?
- Is it enough to create a new account in the mysql db for adding a new user? Or do I have to tell postfix to create an account, create directories in the maildir etc?
- How do I tell Postfix to be run chrooted? Is it enough to change every service in the master.cf to be run chrooted?

Thank you very much,

Georg


> Hi,

> I have recently had similar problems, there are so many ways of
> configuring Postfix for many different scenarios, and the docs available
> on the web seem to at times contradict....

> I found this very frustrating... what compounded my frustration was the
> way the usergroup replies are kind of abrupt and always say the same
> "RTFM".

> Anyway, attached is a permissions map of a default install of Postfix

> What are you trying to achieve?

> I have just set up a Postfix relay to accept mail from internet
> (pointed to by MX record for our domain)
> this lives in a DMZ along side our external DNS server.

> It is configured to accept mail and pass it thru the firewall to our
> internal mail server. (local delivery and spam checking occurs here -
> just b'cos it was already in place)

> It is also configured to accept outgoing mail only from our internal
> mailserver to be delivered to destinations on the internet.

> I would recommend running postfix chrooted, if you are familiar with
> chroots, Postfix may confuse you (it got me) as it works a little
> different.

> Postfix actually starts up as root, then (after reading master.cf)
> starts the other daemons as lower privileged users (a bit like
> apache)....

> If you need help I will try, but I am fairly new myself, and I am still
> 'tuning' my own config....

> Simon Crowther

Ralf Hildebrandt

Nov 1, 2002, 3:08:46 PM
On Fri, Nov 01, 2002 at 04:40:04PM +0100, Georg Gretz wrote:

> - The server has to receive mail from internet and sort it into the
> mailboxes. The assignment email-address <-> pop-box has to be managed
> thru a mysql db. Postfix has to search for the particular address in
> the db and put the mail into the pop-box.
>
> - As POP/IMAP server I would like to set up Courier IMAP for authentication and serving mails to the user.
>
> - Also Postfix has to act as a SMTP server to our customers. They have to authenticate over SMTP-Auth with the same username and password like on the IMAP server.
>
> I've already read the Postfix/CourierIMAP/MySQL howto, but I am a newbie on Linux (I'm usually a coder ;) so the howto was not "simple" enough :-)
>
> My questions:
>
> - Do I have to use SASL/PAM_mysql for SMTP auth? Or is there a simpler way to authenticate users?

> - Which directives do I have to use for mapping address <-> pop-box?

man 8 virtual (use the virtual delivery agent),

> - What is the difference between local and virtual transport? Only the
> ability to read the local mails direct on the machine without a
> POP/IMAP server?

local can execute commands using .forward
local honors aliases

virtual doesn't

> - We have multiple domains, which our customers can choose from to
> create their mail accounts. Also the customers should be able to
> register domain names by themselves and create mail accounts under
> their domain. Does every domain have to be added to the main.cf?

man 5 virtual
(create virtual domains in the mysqldb)

> - Is it enough to create a new account in the mysql db for adding a
> new user? Or do I have to tell postfix to create an account, create
> directories in the maildir etc?

You'll have to create the directory with the correct permissions.

> - How do I tell Postfix to be run chrooted? Is it enough to change
> every service in the master.cf to be run chrooted?

Yep. You cannot run pipe, local or virtual chrooted.

During the million-dollar BIND 9 rewrite, Paul Vixie characterized the
original BIND code as 'sleazeware produced in a drunken fury by a
bunch of U C Berkeley grad students.' -- D.J. Bernstein
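
The chroot rule from the reply above as a check over master.cf: it reads the fifth (chroot) column of each service entry and reports any entry that runs pipe, local or virtual chrooted. This is an added example, not part of the original thread or of Postfix; the sample master.cf, its maildrop entry and the function names are constructed for illustration.

```python
# Added example (not from the thread): flag master.cf services that would run
# pipe, local or virtual chrooted. Sample data and names are constructed.
NO_CHROOT = {"pipe", "local", "virtual"}

SAMPLE_MASTER_CF = """\
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       y       -       -       smtpd
cleanup   unix  n       -       y       -       0       cleanup
local     unix  -       n       y       -       -       local
virtual   unix  -       n       n       -       -       virtual
maildrop  unix  -       n       -       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
"""

def parse_master_cf(text):
    """Return (service, chroot, command) for each logical master.cf entry."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                          # blank line or comment
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()  # continuation line
        else:
            logical.append(raw.strip())
    entries = []
    for line in logical:
        fields = line.split()
        if len(fields) >= 8:
            # service type private unpriv chroot wakeup maxproc command ...
            entries.append((fields[0], fields[4], fields[7]))
    return entries

def chroot_violations(text, default_chroot="y"):
    """List (service, command) pairs that break the rule.

    '-' in the chroot column means the built-in default, which is 'y' before
    Postfix 3.0 and 'n' from 3.0 on; pass the one matching your version.
    """
    bad = []
    for service, chroot, command in parse_master_cf(text):
        effective = default_chroot if chroot == "-" else chroot
        if command in NO_CHROOT and effective == "y":
            bad.append((service, command))
    return bad

if __name__ == "__main__":
    for service, command in chroot_violations(SAMPLE_MASTER_CF):
        print(f"{service}: {command} must not run chrooted")
```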

Georg Gretz

Nov 2, 2002, 6:31:05 AM
I'm really confused now.

I am trying to send a mail to my postfix machine. Receiver is ggr...@gretzmedia.biz. Postfix should look up in the virtual
table in a mysql db the redirection to postm...@gretzmedia.biz. Then, postfix should look up in the users db for the
maildir of postm...@gretzmedia.biz, which is /var/spool/mail/web1p1/. Then it should place the mail there.

- Why is postm...@gretzmedia.biz unknown to postfix?
- Why is postfix sending so many queries to the db? Are these queries not enough to achieve the task:
1. select transport from transport where domain = 'gretzmedia.biz'
2. select goto from virtual where address = 'ggr...@gretzmedia.biz'
3. select maildir from users where address = 'postm...@gretzmedia.biz' (got from goto, query 2)

The db tables have the same structure as in the "Postfix+Courier-IMAP+MySQL for multiple domains HOWTO" written by
Kirby Menzel and Lucas Peet.

Here are the logs.

-- /var/log/mysql/mysql.log --------------------------------------------------
021102 11:59:30 353 Connect postfix@localhost on maildb3
353 Query select transport from transport where domain = '*'
353 Query select transport from transport where domain = 'ggr...@gretzmedia.biz'
353 Query select transport from transport where domain = 'gretzmedia.biz'
354 Connect postfix@localhost on maildb3
354 Query select goto from virtual where address = 'gretzmedia.biz'
354 Query select goto from virtual where address = 'gretzmedia.biz'
355 Connect postfix@localhost on maildb3
355 Query select maildir from users where address = 'ggr...@gretzmedia.biz'
355 Query select maildir from users where address = '@gretzmedia.biz'
354 Query select goto from virtual where address = 'ggr...@gretzmedia.biz'
355 Query select maildir from users where address = 'gretzmedia.biz'
356 Connect postfix@localhost on maildb3
356 Query select goto from virtual where address = 'ggr...@gretzmedia.biz'
356 Query select goto from virtual where address = 'postm...@gretzmedia.biz'
356 Query select goto from virtual where address = 'postmaster'
356 Query select goto from virtual where address = '@gretzmedia.biz'
353 Query select transport from transport where domain = 'postm...@gretzmedia.biz'
353 Query select transport from transport where domain = 'gretzmedia.biz'
336 Query select goto from virtual where address = 'gretzmedia.biz'
356 Query select goto from virtual where address = 'enj...@internetic.de'
356 Query select goto from virtual where address = '@internetic.de'
353 Query select transport from transport where domain = 'enj...@internetic.de'
353 Query select transport from transport where domain = 'internetic.de'
353 Query select transport from transport where domain = '.de'
336 Query select goto from virtual where address = 'internetic.de'
------------------------------------------------------------------------------


-- /var/log/mail -------------------------------------------------------------
Nov 2 11:59:30 p15107547 postfix/smtpd[30704]: connect from waldorf.one-2-one.net[217.115.142.71]
Nov 2 11:59:30 p15107547 postfix/smtpd[30704]: 22F94214188: client=waldorf.one-2-one.net[217.115.142.71]
Nov 2 11:59:30 p15107547 postfix/cleanup[30705]: 22F94214188: message-id=<200211021101...@waldorf.webpack.hosteurope.de>
Nov 2 11:59:30 p15107547 postfix/qmgr[30674]: 22F94214188: from=<enj...@internetic.de>, size=856, nrcpt=1 (queue active)
Nov 2 11:59:30 p15107547 postfix/smtpd[30704]: disconnect from waldorf.one-2-one.net[217.115.142.71]
Nov 2 11:59:30 p15107547 postfix/qmgr[30674]: 22F94214188: to=<postm...@gretzmedia.biz>, orig_to=<ggr...@gretzmedia.biz>, relay=none, delay=0, status=bounced (unknown user: "postm...@gretzmedia.biz")
Nov 2 11:59:30 p15107547 postfix/cleanup[30705]: 78E662141B0: message-id=<2002110210593...@gretzmedia.biz>
Nov 2 11:59:30 p15107547 postfix/qmgr[30674]: 78E662141B0: from=<>, size=2521, nrcpt=1 (queue active)
Nov 2 11:59:30 p15107547 postfix/smtp[30712]: 78E662141B0: to=<enj...@internetic.de>, relay=mail.internetic.de[217.115.142.71], delay=0, status=sent (250 2.0.0 gA2B1hl17721 Message accepted for delivery)
------------------------------------------------------------------------------


-- postconf -n output --------------------------------------------------------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
default_privs = nobody
local_destination_concurrency_limit = 2
mail_name = Postfix on SuSE Linux 7.2 (i386)
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = localhost.$myhostname
myhostname = gretzmedia.biz
newaliases_path = /usr/bin/newaliases
program_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name
transport_maps = mysql:/etc/postfix/mysql_transport_maps.cf
virtual_gid_maps = mysql:/etc/postfix/mysql_virtual_gid_maps.cf
virtual_mailbox_base = /
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_maps = mysql:/etc/postfix/mysql_virtual_maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql_virtual_uid_maps.cf
------------------------------------------------------------------------------


-- mysql_transport_maps.cf ---------------------------------------------------
hosts=localhost
dbname=maildb3
table=transport
user=postfix
password=***
select_field=transport
where_field=domain
------------------------------------------------------------------------------


-- mysql_virtual_maps.cf -----------------------------------------------------
hosts=localhost
dbname=maildb3
table=virtual
user=postfix
password=***
select_field=goto
where_field=address
------------------------------------------------------------------------------


-- mysql_virtual_mailbox_maps.cf ---------------------------------------------
hosts=localhost
dbname=maildb3
table=users
user=postfix
password=***
select_field=maildir
where_field=address
------------------------------------------------------------------------------


-- mysql_virtual_uid_maps.cf -------------------------------------------------
hosts=localhost
dbname=maildb3
table=users
user=postfix
password=***
select_field=uid
where_field=address
------------------------------------------------------------------------------


-- mysql_virtual_gid_maps.cf -------------------------------------------------
hosts=localhost
dbname=maildb3
table=users
user=postfix
password=***
select_field=gid
where_field=address
------------------------------------------------------------------------------


> Hi,

> Simon Crowther
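
The per-address key pattern visible in the MySQL log above, as an added example that is not part of the original post and not Postfix code: each table is tried with several keys in turn and the search stops at the first hit, which is why one message produces many queries. The addresses, tables and function names are constructed, and the model ignores the domain-only lookups and the repeated queries from separate daemon connections that also appear in the log.

```python
# Added example (not from the thread, not Postfix code): a simplified model of
# the lookup keys seen in the MySQL log. Addresses and tables are constructed.

def virtual_keys(addr, myorigin):
    """Keys tried in the virtual table for one address, in order."""
    local, _, domain = addr.rpartition("@")
    keys = [addr]
    if domain == myorigin:
        keys.append(local)          # bare local part, only for the local origin
    keys.append("@" + domain)       # catch-all entry for the domain
    return keys

def transport_keys(addr):
    """Keys tried in the transport table: address, domain, then parents."""
    domain = addr.rpartition("@")[2]
    labels = domain.split(".")
    parents = ["." + ".".join(labels[i:]) for i in range(1, len(labels))]
    return [addr, domain] + parents

def trace_delivery(rcpt, myorigin, virtual, transport):
    """Return (final_recipient, queries); each lookup stops at its first hit."""
    queries = []

    def lookup(name, table, keys):
        for key in keys:
            queries.append((name, key))
            if key in table:
                return table[key]
        return None

    seen = set()
    while rcpt not in seen:         # follow rewrites; guard against loops
        seen.add(rcpt)
        target = lookup("virtual", virtual, virtual_keys(rcpt, myorigin))
        if target is None:
            break
        rcpt = target
    lookup("transport", transport, transport_keys(rcpt))
    return rcpt, queries

# Constructed tables mirroring the setup in the post.
VIRTUAL = {"alice@example.com": "postmaster@example.com"}
TRANSPORT = {"example.com": "virtual:"}

if __name__ == "__main__":
    final, queries = trace_delivery("alice@example.com", "example.com", VIRTUAL, TRANSPORT)
    print(final)
    for table, key in queries:
        print(f"{table:9} {key}")
```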

