[vox-tech] mail problem

Samuel Merritt vox-tech@lists.lugod.org
Mon, 14 Oct 2002 17:07:59 -0700


--G4iJoqBmSsgzjUCe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Oct 14, 2002 at 11:43:37AM -0700, Alan H. Lake wrote:
> I'm using RH 7.3.  My file directory structure and permissions are the
> same as Samuel's, except that I don't have the "T" option set.  Before I
> set it, though, I'd like to confirm that this is the "sticky bit".  In
> my book, Linux in a Nutshell, the sticky bit is represented by a "t".

This is the sticky bit. 'T' means that the sticky bit is set, but that
the world-executable bit is not set. 't' means that both the sticky bit
and the world-executable bit are set. (from the ls info page)
=20
> Also, my var/spool/postfix directory is owned by root/root.  Its
> permissions are drwxr_xr_x.  I wonder whether the owner is OK.

That's the same as on my system.=20

I'm not sure about Redhat, but under Debian, postfix is configured so
its various parts run as different users and groups, with the goal being
to minimize the privileges necessary for different tasks.=20

On my machine, postfix has several processes currently running:
master: user=3Droot, group=3Droot
qmgr: user=3Dpostfix, group=3Dpostfix
pickup: user=3Dpostfix, group=3Dpostfix

Looking at the postdrop executable, I have
-r-xr-sr-x    1 root     postdrop     7564 Jul 14 13:22 /usr/sbin/postdrop
meaning anyone can run it, and the postdrop command runs as group
postdrop no matter who runs it.=20

What's the ownership of /var/spool/postfix/maildrop? If it's root/root,
then a postdrop process running as randomuser/postdrop can't write to
it, and that'll produce the error you've been seeing.=20

> I made some other changes and the nature of the problem has changed.=20
>=20
> I'm now sending mail, but not as I want to.  For testing purposes, I
> want to send the email to myself.  When I sent mail to
> alan.lake@lakeinfoworks.com, I got a "user unknown" error.  When I sent
> mail to alan@lakeinfoworks.com, the attempt was technically successful.=
=20
> However, my intent was to send via the internet to my web host and
> receive the mail with my Evolution client.  Instead, I was only able to
> get the email by opening a terminal window and typing "mail" at the
> command line while logged in as user "alan".
>=20
> In /etc/postfix/main.cf, I've got a good relayhost...

If "mydestination" contains lakeinfoworks.com, then postfix will
(attempt to) perform local delivery of the message. Unless you have a
user "alan.lake", this will fail.=20

> On Mon, 2002-10-14 at 00:19, Samuel Merritt wrote:
> > On Sat, Oct 12, 2002 at 05:17:56PM -0700, Alan H. Lake wrote:
> > > I'm trying to send mail from PHP and am getting the message (in
> > > /var/log/maillog)
> > >=20
> > > Oct 12 17:15:35 ontario postfix/postdrop[3588]: warning:
> > > mail_queue_enter: create file maildrop/262682.3588: Permission denied
> > >=20
> > > Do you have any idea what to do about that?
> >=20
> > It sounds to me like the permissions or the ownership on
> > /var/spool/postfix/maildrop (or wherever it is on your distribution) are
> > wrong.=20
> >=20
> > On my mail server (Debian 3.0), we have:=20
> >=20
> > drwx-wx--T    2 postfix  postdrop       35 Oct 13 06:47 /var/spool/post=
fix/maildrop
> >=20
> > The directory has to be writable by group postdrop, since the postdrop
> > process runs as gid postdrop (or the user chosen at compile time).=20
> >=20
> > --=20
> > Samuel Merritt
> > OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot=
_org.asc
> > Information about PGP can be found at http://www.mindspring.com/~aegree=
ne/pgp/
>=20
>=20
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech

--=20
Samuel Merritt
OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org=
.asc
Information about PGP can be found at http://www.mindspring.com/~aegreene/p=
gp/

--G4iJoqBmSsgzjUCe
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE9q1xfW3tuPJ1t7wURAhMDAJ9UJIQilTsvg1sZ+YX2IfqOt50h5ACfYirw
dy2SULvylyaj+2ErBdlHlUE=
=EZjn
-----END PGP SIGNATURE-----

--G4iJoqBmSsgzjUCe--