# cannot send mail with postfix and dovecot



## spring_64 (Sep 13, 2017)

Another question about mail server.
I follow many tutorial and their instructions to set up a mail server on my Freebsd11 machine.
when I run the `swaks --from user1@example.com --to user2@example.com --server <ip>:25`,  the output of /var/log/dovecot-error is:

```
deliver(user2@example.com): Fatal: setuid(5002) failed with euid=5001(vmail): Operation not permitted (This binary should probably be called with process user set to 5002 instead of 5001(vmail))
```
I define user vamil with  uid:5000 and group vmail with gid 5000 in my system. 

These are the steps:
1. install openldap
2. install postfix
3. install dovecot
The configs are:
#dovecot.conf

```
base_dir = /var/run/dovecot/
protocols = imap pop3
protocol imap {
        listen = *:143
}
protocol pop3  {
    listen= *:110
}
disable_plaintext_auth = no
log_path = /var/log/dovecot-error
info_log_path = /var/log/dovecot-info
ssl = no
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_greeting = Dovecot ready.
mail_location = maildir:~/Maildir/%u
mail_privileged_group = mail
dotlock_use_excl = yes
verbose_proctitle = yes

first_valid_uid = 1000
first_valid_gid = 1000

protocol imap {
  login_executable = /usr/local/libexec/dovecot/imap-login
  mail_executable = /usr/local/libexec/dovecot/imap
  imap_client_workarounds = delay-newmail netscape-eoh tb-extra-mailbox-sep
}
protocol pop3 {
  login_executable = /usr/local/libexec/dovecot/pop3-login
  mail_executable = /usr/local/libexec/dovecot/pop3
  pop3_uidl_format = %08Xu%08Xv
  mail_max_userip_connections = 3
  mail_plugin_dir = /usr/local/lib/dovecot/pop3
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol managesieve {
  login_executable = /usr/local/libexec/dovecot/managesieve-login
  mail_executable = /usr/local/libexec/dovecot/managesieve
}

protocol lda {
  postmaster_address = postmaster@example.com
  mail_plugin_dir = /usr/local/lib/dovecot/lda
  sendmail_path = /usr/sbin/sendmail
  auth_socket_path = /var/run/dovecot/auth-master
}

auth_executable = /usr/local/libexec/dovecot/dovecot-auth
auth_process_size = 256
auth_username_format = %Lu

auth default {
  mechanisms = plain login
  user=postfix
  passdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
  userdb passwd {
    args = blocking=yes
  }
  userdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
  user = root
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
    }
    client {
      path = /var/run/dovecot/auth-client
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
dict_db_config = /usr/local/etc/dovecot-db.conf
```

#dovecot-ldap.conf

```
hosts = localhost
debug_level = -1
auth_bind = no
ldap_version = 3
base =ou=people,dc=example,dc=com
deref = never
scope = subtree
user_attrs = mailHomeDirectory=home,mailUidNumber=uid,mailGidNumber=gid,mailStorageDirectory=mail
user_filter = (&(objectClass=postfixUser)(uid=%n))
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=postfixUser)(uid=%n))
default_pass_scheme = LDAP-MD5
```

# postfix/main.cf

```
inet_interfaces = all
inet_protocols = ipv4
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
myhostname = mail.example.com
append_dot_mydomain = no
mynetworks =
   # Local
    127.0.0.0/8
    # External
    *.*.*.*/24
local_transport = error:Local Transport Disabled
alias_maps = hash:/etc/aliases
mydomain = example.com
mydestination =
    $myhostname
    localhost.$mydomain
    localhost
virtual_transport = dovecot
smtpd_sasl_auth_enable = yes
```
#postfix/master.cf

```
dovecot   unix  -       n       n       -       -       pipe
        flags=ODRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -e -f ${sender} -d ${recipient}
```

# example.ldif is:

```
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example

dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: people

dn: ou=services,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: services

dn: uid=postfix,ou=services,dc=example,dc=com
objectClass: account
objectClass: top
uid: postfix

dn: uid=dovecot,ou=services,dc=example,dc=com
objectClass: account
objectClass: top
uid: dovecot

dn: uid=user1,ou=people,dc=example,dc=com
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: postfixUser
objectClass: extensibleObject
cn: user1
givenName: user1
mail: user1@example.com
mailEnabled: TRUE
mailGidNumber: 5000
mailHomeDirectory: /var/vmail/user1@example.com
mailQuota: 10240
mailStorageDirectory: maildir:/vmail/user1@example.com/Maildir
mailUidNumber: 5002
sn: Some2
uid: user1
userPassword: ******

dn: uid=user2,ou=people,dc=example,dc=com
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: postfixUser
objectClass: extensibleObject
cn: user2
givenName: user2
mail: user2@example.com
mailEnabled: TRUE
mailGidNumber: 5000
mailHomeDirectory: /var/vmail/user2@example.com
mailQuota: 10240
mailStorageDirectory: maildir:/vmail/user2@example.com/Maildir
mailUidNumber: 5003
sn: Some3
uid: user2
userPassword: ******
```
Sorry, my post is too long.

Thanks


----------



## SirDice (Sep 13, 2017)

Dovecot is only used to _read_ mail through IMAP or POP3. Sending (and receiving) email is always done through SMTP and in your case it's Postfix that handles that.


----------



## spring_64 (Sep 13, 2017)

Thank you for your response.

Would you please help me and say which part of config should change and another question is where is the emails location?


----------



## SirDice (Sep 13, 2017)

I'm not too familiar with Postfix, I can fix some basic issues but that's about it. My own mail server uses Exim. But focus on Postfix first. Turn off Dovecot. Make sure Postfix correctly accepts submissions and external SMTP connections to deliver mail. Double check and adjust where local mail gets stored on the system (this will be important for Dovecot later on).


----------



## ShelLuser (Sep 13, 2017)

Do you see anything specific in /var/log/maillog?

Also, what's swaks? I run Postfix + Dovecot myself but never heard of that one before. I assume it's a sendmail kind of thingie, but if you're troubleshooting it might be more productive to use telnet instead so that you get to see the (error) messages which you get during the session.


----------



## spring_64 (Sep 14, 2017)

ShelLuser said:


> Do you see anything specific in /var/log/maillog




```
Sep 14 14:24:30 mail postfix/smtpd[908]: connect from mail.example.com[<ip>]
Sep 14 14:24:30 mail postfix/smtpd[908]: A2A80115F5E: client=mail.example.com[<ip>]
Sep 14 14:24:30 mail postfix/cleanup[911]: A2A80115F5E: message-id=<20170914095430.A2A80115F5E@t7.example.com>
Sep 14 14:24:30 mail postfix/smtpd[908]: disconnect from mail.example.com[<ip>] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Sep 14 14:24:30 mail postfix/qmgr[778]: A2A80115F5E: from=<user1@example.com>, size=468, nrcpt=1 (queue active)
Sep 14 14:24:30 mail postfix/pipe[912]: A2A80115F5E: to=<user2@example.com>, relay=dovecot, delay=0.16, delays=0.11/0.01/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
```



ShelLuser said:


> what's swaks


swaks is a SMTP test tool. this is the output of swaks:


```
root@mail:~ # swaks --from user1@example.com --to user2@example.com --server <ip>:25
=== Trying <ip>:25...
=== Connected to <ip>.
<-  220 mail.example.com ESMTP Postfix
 -> EHLO mail.example.com
<-  250-mail.example.com
<-  250-PIPELINING
<-  250-SIZE 10240000
<-  250-ETRN
<-  250-AUTH SCRAM-SHA-1 DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
<-  250-AUTH=SCRAM-SHA-1 DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
<-  250-ENHANCEDSTATUSCODES
<-  250-8BITMIME
<-  250 DSN
 -> MAIL FROM:<user1@example.com>
<-  250 2.1.0 Ok
 -> RCPT TO:<user2@example.com>
<-  250 2.1.5 Ok
 -> DATA
<-  354 End data with <CR><LF>.<CR><LF>
 -> Date: Thu, 14 Sep 2017 14:24:30 +0430
 -> To: user2@example.com
 -> From: user1@example.com
 -> Subject: test Thu, 14 Sep 2017 14:24:30 +0430
 -> X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
 ->
 -> This is a test mailing
 ->
 -> .
<-  250 2.0.0 Ok: queued as A2A80115F5E
 -> QUIT
<-  221 2.0.0 Bye
=== Connection closed with remote host.
root@mail:~ #
```


----------



## ShelLuser (Sep 14, 2017)

Well, when basing myself on that last post it appears to work normally. Seems the first error wasn't so much caused by sending the e-mail but more so by Dovecot. It's a nice program (Dovecot) but I can't help think that they're also overcomplicating things quite a bit (I'm specifically not a big fan of the "let's split the configuration into 100 different files" approach).

Anyway..  I think you're looking for first_valid_uid and last_valid_uid, which can be found in conf.d/10-mail.conf. Other than that I can't really comment because I only use Dovecot for retrieval, not delivery. For local delivery I usually rely on Procmail which I use through the mailbox_command setting in main.cf (Postfix).


----------



## spring_64 (Sep 16, 2017)

ShelLuser said:


> first_valid_uid and last_valid_uid


I set first_valid_uid and last_valid_uid to 5000. In my system I have user vmail with uid 5000 and gid 5000, but it doesn't work.

Now I set the mailUidNumber: 5000  in my ldif file. The error disapear and another error apear.

```
deliver(user1@example.com): Error: mkdir(/vmail/user1@example.com/Maildir/cur) failed: Permission denied (euid=5000(vmail) egid=5000(vmail))
```

I changed mailHomeDirectory: /var/vmail  and mailStorageDirectory: /var/vmail, so the email delivered.

My question is: Are these new configs right? And how can I have the personal mail directory
for each user?

I spent a lot of time on my mailserver and i'm so confused.

Thank you for wasting your time to solve my problem.


----------

