[vox-tech] mail problem

Alan H. Lake vox-tech@lists.lugod.org
15 Oct 2002 10:52:55 -0700 

Here's a reply to my own post, but I did find the answer.  Now, I wish
to be able to advertise it...

The permissions for /var/spool/postfix/maildrop should be drwx-wx--T
(1734), not drwxr-xr-x, which is how RH set it in 7.3.  (I wonder
whether that was fixed in 8.0).

On Tue, 2002-10-15 at 09:43, Alan H. Lake wrote:
> I changed "mydestination" in /etc/postfix/main.cf to mail.addr.com.  I
> thought it interesting that an Anaconda message normally sent to the
> local mailbox has now been sent to mail.addr.com, which is just fine. 
> That provided a good test.
> 
> However, I now have the old problem back again:
> 
> Oct 15 09:24:50 ontario postfix/postdrop[3158]: warning:
> mail_queue_enter: create file maildrop/998978.3158: Permission denied
> 
> Permissions now in effect are 
> drwxr-xr-x   17 root     root         4096 Oct 15 08:43 postfix
> and
> drwxr-xr-T    2 postfix  postdrop     4096 Oct 15 09:19 maildrop
> 
> On Mon, 2002-10-14 at 17:07, Samuel Merritt wrote:
> > On Mon, Oct 14, 2002 at 11:43:37AM -0700, Alan H. Lake wrote:
> > > I'm using RH 7.3.  My file directory structure and permissions are the
> > > same as Samuel's, except that I don't have the "T" option set.  Before I
> > > set it, though, I'd like to confirm that this is the "sticky bit".  In
> > > my book, Linux in a Nutshell, the sticky bit is represented by a "t".
> > 
> > This is the sticky bit. 'T' means that the sticky bit is set, but that
> > the world-executable bit is not set. 't' means that both the sticky bit
> > and the world-executable bit are set. (from the ls info page)
> >  
> > > Also, my var/spool/postfix directory is owned by root/root.  Its
> > > permissions are drwxr_xr_x.  I wonder whether the owner is OK.
> > 
> > That's the same as on my system. 
> > 
> > I'm not sure about Redhat, but under Debian, postfix is configured so
> > its various parts run as different users and groups, with the goal being
> > to minimize the privileges necessary for different tasks. 
> > 
> > On my machine, postfix has several processes currently running:
> > master: user=root, group=root
> > qmgr: user=postfix, group=postfix
> > pickup: user=postfix, group=postfix
> > 
> > Looking at the postdrop executable, I have
> > -r-xr-sr-x    1 root     postdrop     7564 Jul 14 13:22 /usr/sbin/postdrop
> > meaning anyone can run it, and the postdrop command runs as group
> > postdrop no matter who runs it. 
> > 
> > What's the ownership of /var/spool/postfix/maildrop? If it's root/root,
> > then a postdrop process running as randomuser/postdrop can't write to
> > it, and that'll produce the error you've been seeing. 
> > 
> > > I made some other changes and the nature of the problem has changed. 
> > > 
> > > I'm now sending mail, but not as I want to.  For testing purposes, I
> > > want to send the email to myself.  When I sent mail to
> > > alan.lake@lakeinfoworks.com, I got a "user unknown" error.  When I sent
> > > mail to alan@lakeinfoworks.com, the attempt was technically successful. 
> > > However, my intent was to send via the internet to my web host and
> > > receive the mail with my Evolution client.  Instead, I was only able to
> > > get the email by opening a terminal window and typing "mail" at the
> > > command line while logged in as user "alan".
> > > 
> > > In /etc/postfix/main.cf, I've got a good relayhost...
> > 
> > If "mydestination" contains lakeinfoworks.com, then postfix will
> > (attempt to) perform local delivery of the message. Unless you have a
> > user "alan.lake", this will fail. 
> > 
> > > On Mon, 2002-10-14 at 00:19, Samuel Merritt wrote:
> > > > On Sat, Oct 12, 2002 at 05:17:56PM -0700, Alan H. Lake wrote:
> > > > > I'm trying to send mail from PHP and am getting the message (in
> > > > > /var/log/maillog)
> > > > > 
> > > > > Oct 12 17:15:35 ontario postfix/postdrop[3588]: warning:
> > > > > mail_queue_enter: create file maildrop/262682.3588: Permission denied
> > > > > 
> > > > > Do you have any idea what to do about that?
> > > > 
> > > > It sounds to me like the permissions or the ownership on
> > > > /var/spool/postfix/maildrop (or wherever it is on your distribution) are
> > > > wrong. 
> > > > 
> > > > On my mail server (Debian 3.0), we have: 
> > > > 
> > > > drwx-wx--T    2 postfix  postdrop       35 Oct 13 06:47 /var/spool/postfix/maildrop
> > > > 
> > > > The directory has to be writable by group postdrop, since the postdrop
> > > > process runs as gid postdrop (or the user chosen at compile time). 
> > > > 
> > > > -- 
> > > > Samuel Merritt
> > > > OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org.asc
> > > > Information about PGP can be found at http://www.mindspring.com/~aegreene/pgp/
> > > 
> > > 
> > > _______________________________________________
> > > vox-tech mailing list
> > > vox-tech@lists.lugod.org
> > > http://lists.lugod.org/mailman/listinfo/vox-tech
> > 
> > -- 
> > Samuel Merritt
> > OpenPGP key is at http://meat.andcheese.org/~spam/spam_at_andcheese_dot_org.asc
> > Information about PGP can be found at http://www.mindspring.com/~aegreene/pgp/
> 
> 
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>