[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Maildrop problem



 On 9/7/2010 4:34 PM, Johannes Bunte wrote:
Hey guys,
I'm quite desperate getting maildrop to work.
I use postfix and courier with a mysql backend (virtual mailboxes). maildrop connects to authlib and gets the proper information, but only as root, it delivers it to the right mailbox. When i call maildrop from sudo -u vmail -i, it creates/appends the mail to ~/Maildir. Here is some output:
# maildrop -V5 -d me@my-domain.de < mail.eml
maildrop: authlib: groupid=2000
maildrop: authlib: userid=2000
maildrop: authlib: logname=me@my-domain.de, home=/var/kunden/mail/, mail=johannes/me@my-domain.de/
maildrop: Changing to /var/kunden/mail/
Message start at 0 bytes, envelope sender=me@my-domain.de
maildrop: Attempting .mailfilter
maildrop: Delivery complete.
# sudo -u vmail -i
$ maildrop -V5 -d me@my-domain.de < mail.eml
maildrop: authlib: groupid=2000
maildrop: authlib: userid=2000
maildrop: authlib: logname=me@my-domain.de, home=/var/kunden/mail/, mail=johannes/me@my-domain.de/
maildrop: Changing to /var/kunden/mail
Message start at 0 bytes, envelope sender=vmail
maildrop: Attempting .mailfilter
maildrop: Delivering to ./Maildir
maildrop: Flock()ing ./Maildir.
maildrop: Appending to ./Maildir.
maildrop: Delivery complete.

So the only difference before delivery is the envelope sender, which I can set manually, but which does not give a different result in terms of delivery.

Has anybody got an idea what is wrong there?
I use Lenny with standard repos, so a quite common setup. It's running in VirtualBox from Lenny-Backports.

Btw: What can go wrong with a setuid? I straced the above command, but as vmail I was not allowed to connect to the authdaemon socket, the first getuid() returned 2000 before any setuid. After chowning the socket, the connection to the authdaemon seems to be fine, but I don't understand why getuid() does not return a 0, because maildrop has -rwsr-sr-x. Maybe that's the problem? Any ideas?

Thanks for any hints!
Johannes

I'm pretty sure maildrop should not be setuid root, since postfix is supposed to change to the user of the recipient before calling maildrop. Also, getuid() returns the real user ID, geteuid() returns the effective user ID.

I haven't used maildrop in a long time, I've since switched to dovecot and postfix for my virtual domain setup. But in my setup, the delivery agent is not setuid root.


Reply to: