Postfix + Cyrus problem: local delivery doesnot work
Dear all, I have a problem setting up an E-mail service using cyrus and postfix on SuSE 10.1 (RC3). all my user's accounts info is in the MYSQL database ( a table with "login" and "pass" string columns), and i tryed pam_mysql and sasl_sql plugin, both with the same result. The cyrus itself looks OK, i can even successfully log into a users mailbox, and the postfix seems to understand that config too -- i set up SASL authentication for smtpd server, and it lets me to send mail outside only if i provide correct users login and password. But: posfix refuses to deliver local mail for my domain (see log quotations below) ragardless whatever local_transprot i use: cyrus or lmtp. however: when i issue the same command that is specified in master.cf file manually as "cyrus" user, like su cyrus /usr/lib/cyrus/bin/deliver -r user@mail.com user5 where user5 is one of my accounts defined in DB, and then type in a message, like From: user@mail.com To: user5@mydomain.ru Subject: Test TEST . Contrl^D I get the message delivered into user's INBOX just fine. (and the user's INBOX get autocreated as well) Any help will be appreciated!!! well, below are quitations from logfiles and configs: mydomain.ru -- replaces my domain name. here is what i have in logfiles, when postfix tries local delivery: /var/log/mail: -------------------------------------------------------------------------------- May 1 17:44:03 server postfix/qmgr[5146]: BCCFB3E51C: from=<user@somedomain.com>, size=537, nrcpt=1 (queue active) May 1 17:44:03 server postfix/local[5151]: warning: connect #1 to subsystem private/lmtp: Operation not permitted ............... <then similar messages> ..................... May 1 17:45:43 server postfix/local[5153]: fatal: connect #11 to subsystem private/lmtp: Operation not permitted May 1 17:45:44 server postfix/qmgr[5146]: warning: premature end-of-input on private/local socket while reading input attribute name May 1 17:45:44 server postfix/qmgr[5146]: warning: private/local socket: malformed response May 1 17:45:44 server postfix/qmgr[5146]: warning: transport local failure -- see a previous warning/fatal/panic logfile record for the problem description May 1 17:45:44 server postfix/master[5134]: warning: process /usr/lib/postfix/local pid 5151 exit status 1 May 1 17:45:44 server postfix/master[5134]: warning: /usr/lib/postfix/local: bad command startup -- throttling May 1 17:45:44 server postfix/master[5134]: warning: process /usr/lib/postfix/local pid 5153 exit status 1 May 1 17:45:44 server postfix/qmgr[5146]: 37DE0370FC: to=<user5@mydomain.ru>, relay=none, delay=8053, status=deferred (delivery tempo rarily suspended: unknown mail transport error) May 1 17:45:44 server postfix/qmgr[5146]: warning: 37DE0370FC: flush service failure May 1 17:45:44 server postfix/qmgr[5146]: CDA8C36F10: to=<user5@mydomain.ru>, relay=none, delay=323710, status=deferred (delivery tem porarily suspended: unknown mail transport error) ----------------------------------------------------------------------------------------- /var/log/messages: nothing about this events my Config files: (is there somethign that i miss?) ======================================= /etc/imapd.conf: -------------------------------------------------------------- configdirectory: /var/lib/imap partition-default: /var/spool/imap sievedir: /var/lib/sieve admins: root postmaster cyrus allowanonymouslogin: no autocreatequota: 100000 createonpost: 1 reject8bit: no quotawarn: 90 timeout: 30 poptimeout: 10 dracinterval: 0 drachost: localhost allowplaintext: yes servername: server.mydomain.ru sasl_pwcheck_method: auxprop lmtp_overquota_perm_failure: no lmtp_downcase_rcpt: yes ======================================== /etc/cyrus.conf: ---------------------------------------------------------------- START { recover cmd="ctl_cyrusdb -r" idled cmd="idled" } SERVICES { imap cmd="imapd" listen="imap" prefork=1 imaps cmd="imapd -s" listen="imaps" prefork=1 pop3 cmd="pop3d" listen="pop3" prefork=0 pop3s cmd="pop3d -s" listen="pop3s" prefork=0 sieve cmd="timsieved" listen="sieve" prefork=1 lmtp cmd="lmtpd" listen="lmtp" prefork=1 lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 } EVENTS { checkpoint cmd="ctl_cyrusdb -c" period=30 delprune cmd="cyr_expire -E 3" at=0400 tlsprune cmd="tls_prune" at=0400 } ======================================== /usr/lib64/sasl2/Cyrus.conf (symlinks: imapd.conf imap.conf) ---------------------------------------------------------------- auxprop_plugin: sql sql_engine: mysql sql_user: mail sql_passwd: gtxrby sql_hostnames: localhost sql_database: lanbilling sql_statement: select pass from vgroups where login = '%u' sql_usessl: no password_format: plaintext ======================================== /usr/lib64/sasl2/smtpd.conf ---------------------------------------------------------------- mech_list: plain login pwcheck_method: auxprop auxprop_plugin: sql sql_engine: mysql sql_user: mail sql_passwd: gtxrby sql_hostnames: 127.0.0.1 sql_database: lanbilling sql_statement: select pass from vgroups where login = '%u' sql_usessl: no password_format: plaintext ======================================== /etc/postfix/main.cf ---------------------------------------------------------------- mail_spool_directory = /var/mail canonical_maps = hash:/etc/postfix/canonical virtual_alias_maps = hash:/etc/postfix/virtual virtual_alias_domains = hash:/etc/postfix/virtual relocated_maps = hash:/etc/postfix/relocated transport_maps = hash:/etc/postfix/transport sender_canonical_maps = hash:/etc/postfix/sender_canonical local_recipient_maps = mysql:/etc/postfix/mysql-local.cf $alias_maps masquerade_exceptions = root masquerade_classes = envelope_sender, header_sender, header_recipient myhostname = server.mydomain.ru daemon_directory = /usr/lib/postfix program_directory = /usr/lib/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES html_directory = /usr/share/doc/packages/postfix/html sample_directory = /usr/share/doc/packages/postfix/samples sendmail_path = /usr/sbin/sendmail setgid_group = maildrop manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq inet_protocols = all inet_interfaces = all masquerade_domains = mydestination = mydomain.ru defer_transports = mynetworks_style = subnet disable_dns_lookups = no relayhost = mailbox_command = # mailbox_transport = cyrus -- same result !!! mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp strict_8bitmime = yes disable_mime_output_conversion = no smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain smtpd_client_restrictions = permit_sasl_authenticated, smtpd_helo_required = yes smtpd_helo_restrictions = strict_rfc821_envelopes = no smtpd_recipient_restrictions = permit_tls_clientcerts, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtp_sasl_auth_enable = no smtpd_sasl_auth_enable = yes smtpd_use_tls = yes smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_cert_file = /etc/postfix/ssl/certs/postfixcert.pem smtpd_tls_key_file = /etc/postfix/ssl/certs/postfixkey.pem smtpd_tls_received_header = yes tls_daemon_random_source = dev:/dev/urandom tls_random_source = dev:/dev/urandom relay_clientcerts = hash:/etc/postfix/relay_ccerts smtpd_tls_ask_ccert = yes smtp_use_tls = no alias_maps = hash:/etc/aliases mailbox_size_limit = 0 message_size_limit = 102400000 unknown_local_recipient_reject_code = 450 ========================================== /etc/postfix/mysql-local.cf (see above local_transport) ------------------------------------------------------------------- user = mail password = gtxrby dbname = lanbilling table = vgroups select_field = login where_field = login query = SELECT login FROM vgroups WHERE login='%u' #additional_conditions = and blocked = 0 hosts = 127.0.0.1
Vitaly Shishakov wrote:
Dear all,
I have a problem setting up an E-mail service using cyrus and postfix on SuSE 10.1 (RC3). all my user's accounts info is in the MYSQL database ( a table with "login" and "pass" string columns), and i tryed pam_mysql and sasl_sql plugin, both with the same result.
Okay, so far so good.
The cyrus itself looks OK, i can even successfully log into a users mailbox, and the postfix seems to understand that config too -- i set up SASL authentication for smtpd server, and it lets me to send mail outside only if i provide correct users login and password. But: posfix refuses to deliver local mail for my domain (see log quotations below) ragardless whatever local_transprot i use: cyrus or lmtp.
Now, that is a bit strange. Though you should probably leave local_transport alone and use mailbox_transport instead.
however: when i issue the same command that is specified in master.cf file manually as "cyrus" user, like
su cyrus /usr/lib/cyrus/bin/deliver -r user@mail.com user5
where user5 is one of my accounts defined in DB, and then type in a message, like
From: user@mail.com To: user5@mydomain.ru Subject: Test
TEST .
Contrl^D
I get the message delivered into user's INBOX just fine. (and the user's INBOX get autocreated as well)
That smells like a permission problem. Starting with Suse 10 Novell has included AppArmor to prevent applications from using files not defined in their profile. The other possibility is that the user that is configured in master.cf does not have the right to use the transport cyrus. Though that would be a bit strange.
Any help will be appreciated!!!
well, below are quitations from logfiles and configs: mydomain.ru -- replaces my domain name.
here is what i have in logfiles, when postfix tries local delivery: /var/log/mail: -------------------------------------------------------------------------------- May 1 17:44:03 server postfix/qmgr[5146]: BCCFB3E51C: from=<user@somedomain.com>, size=537, nrcpt=1 (queue active) May 1 17:44:03 server postfix/local[5151]: warning: connect #1 to subsystem private/lmtp: Operation not permitted
Try to deactivate AppArmor, then "postfix stop; postfix start;" Try to send another mail after that. Does this mail end up in Cyrus? Another possibility is that you have configured postfix/local in a chroot.
/usr/lib64/sasl2/Cyrus.conf (symlinks: imapd.conf imap.conf) ---------------------------------------------------------------- auxprop_plugin: sql sql_engine: mysql sql_user: mail sql_passwd: gtxrby sql_hostnames: localhost sql_database: lanbilling sql_statement: select pass from vgroups where login = '%u' sql_usessl: no password_format: plaintext
I hope this is not your real password, otherwise change it, fast!
/etc/postfix/main.cf ---------------------------------------------------------------- mail_spool_directory = /var/mail canonical_maps = hash:/etc/postfix/canonical virtual_alias_maps = hash:/etc/postfix/virtual virtual_alias_domains = hash:/etc/postfix/virtual relocated_maps = hash:/etc/postfix/relocated transport_maps = hash:/etc/postfix/transport sender_canonical_maps = hash:/etc/postfix/sender_canonical local_recipient_maps = mysql:/etc/postfix/mysql-local.cf $alias_maps masquerade_exceptions = root masquerade_classes = envelope_sender, header_sender, header_recipient myhostname = server.mydomain.ru daemon_directory = /usr/lib/postfix program_directory = /usr/lib/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES html_directory = /usr/share/doc/packages/postfix/html sample_directory = /usr/share/doc/packages/postfix/samples sendmail_path = /usr/sbin/sendmail setgid_group = maildrop manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq inet_protocols = all inet_interfaces = all masquerade_domains = mydestination = mydomain.ru defer_transports = mynetworks_style = subnet disable_dns_lookups = no relayhost = mailbox_command = # mailbox_transport = cyrus -- same result !!! mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
Can postfix access that socket? Probably not. Please disable AppArmor and chroot for local. Sandy -- List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
Sandy, thank you very much for advise! В сообщении от 1 мая 2006 23:54 Sandy Drobic написал(a):
Vitaly Shishakov wrote:
Dear all,
I have a problem setting up an E-mail service using cyrus and postfix on SuSE 10.1 (RC3). The cyrus itself looks OK, i can even successfully log into a users mailbox, and the postfix seems to understand that config too -- i set up SASL authentication for smtpd server, and it lets me to send mail outside only if i provide correct users login and password. But: posfix refuses to deliver local mail for my domain (see log quotations below) ragardless whatever local_transprot i use: cyrus or lmtp.
Now, that is a bit strange. Though you should probably leave local_transport alone and use mailbox_transport instead.
sorry, mistype, mailbox_trasport of course,
That smells like a permission problem. Starting with Suse 10 Novell has included AppArmor to prevent applications from using files not defined in their profile. The other possibility is that the user that is configured in master.cf does not have the right to use the transport cyrus. Though that would be a bit strange.
Try to deactivate AppArmor, then "postfix stop; postfix start;"
It worked! all mails from the queue arrived. Thank you very much for help. now i'll go RTFM about AppArmor -- as a matter of fact, since SuSE 10.1 it is enabled by default.
Try to send another mail after that. Does this mail end up in Cyrus?
Another possibility is that you have configured postfix/local in a chroot.
/usr/lib64/sasl2/Cyrus.conf (symlinks: imapd.conf imap.conf) ---------------------------------------------------------------- auxprop_plugin: sql sql_engine: mysql sql_user: mail sql_passwd: gtxrby sql_hostnames: localhost sql_database: lanbilling sql_statement: select pass from vgroups where login = '%u' sql_usessl: no password_format: plaintext
I hope this is not your real password, otherwise change it, fast!
oops, missed this one, thanks.
participants (2)
-
Sandy Drobic -
Vitaly Shishakov