Dovecot, Postfix and Dovecot LDA (LMTP) delivery

Remy Zandwijk

Mar 6, 2011, 7:41:27 AM

Hi list,

I am running a Debian Lenny machine with Postfix 2.5.5 and Dovecot 2.0.8. Up until now I ran Postfix with the Procmail delivery agent successfully. The machine has only local users; I am not using virtual mailboxes. Due to obvious reasons I want to switch to Dovecot LDA delivery, through LMTP.

I spent quite some time finding 'the' configuration for both Postfix and Dovecot, but without success. Find my current configuration below. Postfix receives the e-mail, but delivery through LMTP fails, resulting in Postfix sending an NDR.

I just cannot figure out what's wrong and I am not sure whether it's a Postfix or Dovecot problem either. Some log output from Postfix:

Mar  5 13:25:15 hostname postfix/smtpd[12442]: connect from otherhost.domain.tld[aa.bb.cc.dd]
Mar  5 13:25:16 hostname postfix/smtpd[12442]: CC47979071: client=otherhost.domain.tld[aa.bb.cc.dd]
Mar  5 13:25:16 hostname postfix/cleanup[12447]: CC47979071: message-id=<Pine.GSO.4.64.11...@otherhost.domain.tld>
Mar  5 13:25:16 hostname postfix/qmgr[12372]: CC47979071: from=<re...@otherhost.domain.tld>, size=1037, nrcpt=1 (queue active)
Mar  5 13:25:16 hostname postfix/smtpd[12442]: disconnect from otherhost.domain.tld[aa.bb.cc.dd]
Mar  5 13:25:16 hostname postfix/lmtp[12448]: CC47979071: to=<re...@hostname.domain.tld>, relay=hostname.domain.tld[private/dovecot-lmtp], delay=1.2, delays=1.2/0.01/0.01/0.05, dsn=5.1.1, status=bounced (host hostname.domain.tld[private/dovecot-lmtp] said: 550 5.1.1 <re...@hostname.domain.tld> User doesn't exist: re...@hostname.domain.tld (in reply to RCPT TO command))


The only lines that Dovecot logs are:

Mar 05 13:25:16 lmtp(12449): Info: Connect from local
Mar 05 13:25:16 lmtp(12449): Info: Disconnect from local: Client quit


Although LMTP should log to /tmp/dovecot-lmtp.log, the file remains empty.


Anyone amongst you who is running the same kind of setup and can help?

Thanks,
Remy


Postfix config (postfix -n output)


alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
default_transport = smtp
inet_interfaces = all
local_transport = lmtp:unix:private/dovecot-lmtp
mailbox_command =
mailbox_size_limit = 0
message_size_limit = 31457280
mydestination = hostname.domain.tld, localhost.domain.tld, localhost
myhostname = hostname.domain.tld
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relay_transport = error
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net,reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname,reject_non_fqdn_helo_hostname,reject_unknown_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, reject_unknown_recipient_domain
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes


Dovecot config (dovecot -n output)

# 2.0.8: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.26-2-amd64 x86_64 Debian 5.0.8
auth_master_user_separator = *
listen = *
log_path = /var/log/dovecot.log
mail_location = maildir:~/.maildir
maildir_stat_dirs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
namespace {
  hidden = no
  inbox = yes
  list = yes
  location =
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap lmtp
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}
verbose_proctitle = yes
protocol lmtp {
  info_log_path = /tmp/dovecot-lmtp-info.log
  log_path = /tmp/dovecot-lmtp.log
}
protocol imap {
  mail_plugins =
}

Remy Zandwijk

Mar 6, 2011, 9:16:40 AM

> I am running a Debian Lenny machine with Postfix 2.5.5 and Dovecot 2.0.8. Up until now I ran Postfix with the Procmail delivery agent successfully. The machine has only local users; I am not using virtual mailboxes. Due to obvious reasons I want to switch to Dovecot LDA delivery, through LMTP.
>
> I spent quite some time finding 'the' configuration for both Postfix and Dovecot, but without success. Find my current configuration below. Postfix receives the e-mail, but delivery through LMTP fails, resulting in Postfix sending an NDR.
>
> I just cannot figure out what's wrong and I am not sure whether it's a Postfix or Dovecot problem either. Some log output from Postfix:

I finally figured out what's wrong. It appears that Dovecot in fact is checking the existence of user 're...@hostname.domain.tld' in one of the configured user databases. Obviously, local users/usernames do not have the local domain added.

Adding

    userdb {
        driver = passwd-file
        args = username_format=%n /etc/passwd
    }


to the 'protocol lmtp { }' block solves the issue. The only thing is that Dovecot now logs this to its logs:

Mar 06 15:04:57 auth: Error: passwd-file /etc/passwd: User root has invalid UID '0'

Can't hurt, but it pollutes the logs.


Is there a way Postfix can be told to get rid of the domain part if mail is sent through LMTP?


Thanks,
Remy

Wietse Venema

Mar 6, 2011, 10:57:28 AM

Remy Zandwijk:

> Is there a way Postfix can be told to get rid of the domain part if mail is
> sent through LMTP?

No. The LMTP protocol, like SMTP, requires complete email addresses.

Wietse

Jeroen Geilman

Mar 6, 2011, 11:21:45 AM

Additionally, overriding local_transport means you won't be able to use
the standard alias_maps setting to list valid local recipients - you
have to customize these for dovecot LMTP.

Simply put, /etc/aliases no longer works; you'll have to set up
virtual_alias_maps for all your local aliases.

This also means you can't alias or forward to commands anymore; any
command execution you wish to do will have to be set up as a
full-fledged pipe(8) transport.

Consider using mailbox_transport instead.

--
J.

Wietse Venema

Mar 6, 2011, 1:25:56 PM

Nikolaos Milas:
> I'm asking trying to learn:
>
> Is there a benefit of using LMTP for local delivery when using Dovecot?
> Why not use Dovecot LDA (without using LMTP)?

Better scalability, performance, and error handling than is possible
with the pipe-to-command interface.

> In Postfix documentation, I've read about lmtp that "The advantage of
> this setup is that one Postfix machine can feed multiple mailbox servers
> over LMTP. The opposite is true as well: one mailbox server can be fed
> over LMTP by multiple Postfix machines."
>
> And I wonder:
>
> 1. Can't this be done also with Dovecot LDA?

Yes, if you limit yourself to one machine.

Wietse

Remy Zandwijk

Mar 6, 2011, 3:06:11 PM

For a Postfix novice like me, that's very useful information :-) Thank you.

-Remy

Remy Zandwijk

Mar 6, 2011, 3:10:05 PM

Besides that, you need dovecot-lda to be setuid-root or call it with sudo (according to http://wiki2.dovecot.org/LDA) to get it to cooperate with Postfix. I think using LMTP is a much cleaner solution.

-Remy

Remy Zandwijk

Mar 7, 2011, 6:38:01 AM

> > I am running a Debian Lenny machine with Postfix 2.5.5 and Dovecot 2.0.8. Up until now I ran Postfix with the Procmail delivery agent successfully. The machine has only local users; I am not using virtual mailboxes. Due to obvious reasons I want to switch to Dovecot LDA delivery, through LMTP.
> >
> > I spent quite some time finding 'the' configuration for both Postfix and Dovecot, but without success. Find my current configuration below. Postfix receives the e-mail, but delivery through LMTP fails, resulting in Postfix sending an NDR.
> >
> > I just cannot figure out what's wrong and I am not sure whether it's a Postfix or Dovecot problem either. Some log output from Postfix:
>
> I finally figured out what's wrong. It appears that Dovecot in fact is checking the existence of user 're...@hostname.domain.tld' in one of the configured user databases. Obviously, local users/usernames do not have the local domain added.
>
> Adding
>
>     userdb {
>         driver = passwd-file
>         args = username_format=%n /etc/passwd
>     }
>
> to the 'protocol lmtp { }' block solves the issue.

For archival purposes only:

On the Dovecot list I was told using the above method is not the best idea, since there are no guarantees it will always work without failures.

The best way to solve the problem is to configure

auth_username_format = %n

in conf.d/10-auth.conf


-Remy
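
The lookup failure and the auth_username_format = %n fix discussed in this thread, as an added example that is not part of any poster's message and is not Dovecot code: a simplified Python model of how the RCPT TO address becomes the userdb lookup key. The passwd entries and addresses are constructed samples, and %u stands in for leaving the address unchanged.

```python
# Added illustration: simplified model of deriving the userdb lookup key from
# the LMTP RCPT TO address. This is not Dovecot's implementation.
import re

# Constructed sample of /etc/passwd-style entries (usernames carry no domain).
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
remy:x:1000:1000:Remy:/home/remy:/bin/bash
"""

def expand_username(fmt, address):
    """Expand %u (full address), %n (local part), %d (domain); L = lowercase."""
    local, _, domain = address.partition("@")
    values = {"u": address, "n": local, "d": domain}

    def repl(match):
        if match.group(0) == "%%":
            return "%"
        value = values[match.group(2)]
        return value.lower() if match.group(1) == "L" else value

    return re.sub(r"%%|%(L?)([und])", repl, fmt)

def passwd_users(text):
    """Return the set of login names found in passwd-format text."""
    return {line.split(":", 1)[0] for line in text.splitlines() if line.strip()}

def lmtp_rcpt_reply(fmt, address, users):
    """Return the (code, text) reply this model gives to RCPT TO:<address>."""
    key = expand_username(fmt, address)
    if key in users:
        return 250, f"2.1.5 OK (looked up '{key}')"
    return 550, f"5.1.1 <{address}> User doesn't exist: {key}"

if __name__ == "__main__":
    users = passwd_users(PASSWD)
    rcpt = "remy@hostname.domain.tld"  # constructed recipient
    for fmt in ("%u", "%n"):
        print(fmt, lmtp_rcpt_reply(fmt, rcpt, users))
    # %n discards the domain, so a different domain resolves to the same user.
    print("%n", lmtp_rcpt_reply("%n", "remy@other.example", users))
```

Because %n drops the domain, the last call is accepted as well; which domains ever reach the LMTP socket is decided on the Postfix side (mydestination in the configuration posted above).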
