[vox-tech] mail problem

Alan H. Lake vox-tech@lists.lugod.org
15 Oct 2002 09:43:55 -0700 

I changed "mydestination" in /etc/postfix/main.cf to mail.addr.com.  I
thought it interesting that an Anaconda message normally sent to the
local mailbox has now been sent to mail.addr.com, which is just fine. 
That provided a good test.

However, I now have the old problem back again:

Oct 15 09:24:50 ontario postfix/postdrop[3158]: warning:
mail_queue_enter: create file maildrop/998978.3158: Permission denied

Permissions now in effect are 
drwxr-xr-x   17 root     root         4096 Oct 15 08:43 postfix
and
drwxr-xr-T    2 postfix  postdrop     4096 Oct 15 09:19 maildrop

On Mon, 2002-10-14 at 17:07, Samuel Merritt wrote:
> On Mon, Oct 14, 2002 at 11:43:37AM -0700, Alan H. Lake wrote:
> > I'm using RH 7.3.  My file directory structure and permissions are the
> > same as Samuel's, except that I don't have the "T" option set.  Before I
> > set it, though, I'd like to confirm that this is the "sticky bit".  In
> > my book, Linux in a Nutshell, the sticky bit is represented by a "t".
> 
> This is the sticky bit. 'T' means that the sticky bit is set, but that
> the world-executable bit is not set. 't' means that both the sticky bit
> and the world-executable bit are set. (from the ls info page)
>  
> > Also, my var/spool/postfix directory is owned by root/root.  Its
> > permissions are drwxr_xr_x.  I wonder whether the owner is OK.
> 
> That's the same as on my system. 
> 
> I'm not sure about Redhat, but under Debian, postfix is configured so
> its various parts run as different users and groups, with the goal being
> to minimize the privileges necessary for different tasks. 
> 
> On my machine, postfix has several processes currently running:
> master: user=root, group=root
> qmgr: user=postfix, group=postfix
> pickup: user=postfix, group=postfix
> 
> Looking at the postdrop executable, I have
> -r-xr-sr-x    1 root     postdrop     7564 Jul 14 13:22 /usr/sbin/postdrop
> meaning anyone can run it, and the postdrop command runs as group
> postdrop no matter who runs it. 
> 
> What's the ownership of /var/spool/postfix/maildrop? If it's root/root,
> then a postdrop process running as randomuser/postdrop can't write to
> it, and that'll produce the error you've been seeing. 
> 
> > I made some other changes and the nature of the problem has changed. 
> > 
> > I'm now sending mail, but not as I want to.  For testing purposes, I
> > want to send the email to myself.  When I sent mail to
> > alan.lake@lakeinfoworks.com, I got a "user unknown" error.  When I sent
> > mail to alan@lakeinfoworks.com, the attempt was technically successful. 
> > However, my intent was to send via the internet to my web host and
> > receive the mail with my Evolution client.  Instead, I was only able to
> > get the email by opening a terminal window and typing "mail" at the
> > command line while logged in as user "alan".
> > 
> > In /etc/postfix/main.cf, I've got a good relayhost...
> 
> If "mydestination" contains lakeinfoworks.com, then postfix will
> (attempt to) perform local delivery of the message. Unless you have a
> user "alan.lake", this will fail. 
> 
> > On Mon, 2002-10-14 at 00:19, Samuel Merritt wrote:
> > > On Sat, Oct 12, 2002 at 05:17:56PM -0700, Alan H. Lake wrote:
> > > > I'm trying to send mail from PHP and am getting the message (in
> > > > /var/log/maillog)
> > > > 
> > > > Oct 12 17:15:35 ontario postfix/postdrop[3588]: warning:
> > > > mail_queue_enter: create file maildrop/262682.3588: Permission denied
> > > > 
> > > > Do you have any idea what to do about that?
> > > 
> > > It sounds to me like the permissions or the ownership on
> > > /var/spool/postfix/maildrop (or wherever it is on your distribution) are
> > > wrong. 
> > > 
> > > On my mail server (Debian 3.0), we have: 
> > > 
> > > drwx-wx--T    2 postfix  postdrop       35 Oct 13 06:47 /var/spool/postfix/maildrop
> > > 
> > > The directory has to be writable by group postdrop, since the postdrop
> > > process runs as gid postdrop (or the user chosen at compile time). 
> > > 
> > > -- 
> > > Samuel Merritt
> > > OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org.asc
> > > Information about PGP can be found at http://www.mindspring.com/~aegreene/pgp/
> > 
> > 
> > _______________________________________________
> > vox-tech mailing list
> > vox-tech@lists.lugod.org
> > http://lists.lugod.org/mailman/listinfo/vox-tech
> 
> -- 
> Samuel Merritt
> OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org.asc
> Information about PGP can be found at http://www.mindspring.com/~aegreene/pgp/