[prev in list] [next in list] [prev in thread] [next in thread]
List: dovecot
Subject: permission denied errors with INDEX=MEMORY and trees plugin
From: John McKay via dovecot <dovecot () dovecot ! org>
Date: 2019-02-24 18:25:36
Message-ID: 20190224182536.GA11689 () mutt ! local
[Download RAW message or body]
I am using the trees[1] plugin to encrypt the mail on my disk. Because I
don't want it to store any metadata in plaintext, I've also set
INDEX=MEMORY in my mail_location configuration.
However, whenever I get new mail I get errors like the following showing up in the \
journal:
lmtp(john@octet.space)<21780><QDkrBqTXclwUVQAAQHGRUQ>: Error: Mailbox INBOX: Saving \
mail: read(/var/vmail/octet.space/john/Maildir/tmp/1551030180.M508113P21780.toaster.octet.space) \
failed: Permission denied (read reason=header Subject (Cache file is unusable))
It's like it's trying to read the message after it's been delivered, but
is not able to because it's been encrypted. I seem to be able to get
email just fine despite the error message. This happens both if I
deliver mail using dovecot-lda or lmtp.
Is there any way to fix this or at the very least suppress the error
message? I have included my dovecot configuration below.
[1] https://0xacab.org/riseuplabs/trees
[root@toaster ~]# dovecot --version
2.3.4.1 (f79e8e7e4)
[root@toaster ~]# dovecot -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 (60b0f48d)
# OS: Linux 4.20.8-arch1-1-ARCH x86_64 ext4
# Hostname: toaster.octet.space
base_dir = /run/dovecot/
hostname = toaster.octet.space
mail_gid = vmail
mail_home = /var/vmail/%d/%n
mail_location = maildir:/var/vmail/%d/%n/Maildir:UTF-8:INDEX=MEMORY
mail_plugins = " quota trash zlib trees notify replication"
mail_privileged_group = vmail
mail_uid = vmail
mailbox_list_index_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation \
subaddress comparator-i;ascii-numeric relational regex imap4flags copy include \
variables body enotify environment mailbox date index ihave duplicate mime \
foreverypart extracttext spamtest spamtestplus imapflags notify imapsieve \
vnd.dovecot.imapsieve namespace inbox {
inbox = yes
location = maildir:/var/vmail/%d/%n/Maildir:UTF-8:INDEX=MEMORY
mailbox Drafts {
auto = create
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Spam {
auto = create
autoexpunge = 30 days
special_use = \Junk
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
imapsieve_mailbox1_before = \
file:/var/lib/dovecot/imapsieve/before/report-spam.sieve imapsieve_mailbox1_causes = \
COPY FLAG imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before = file:/var/lib/dovecot/imapsieve/before/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
quota = maildir:User quota
quota_max_mail_size = 100M
quota_rule = *:storage=15G
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = -storage=100%% quota-warning below %u
recipient_delimiter = +
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_before = /var/lib/dovecot/sieve/before/
sieve_extensions = +spamtest +spamtestplus +notify +imapflags
sieve_filter_socket_dir = sieve-pipe
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment \
+vnd.dovecot.filter sieve_pipe_socket_dir = sieve-pipe
sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_quota_max_storage = 4M
sieve_spamtest_max_header = X-Spam-Score: -?[[:digit:]]+\.[[:digit:]]+ / \
(-?[[:digit:]]+\.[[:digit:]]) sieve_spamtest_status_header = X-Spam-Score: \
(-?[[:digit:]]+\.[[:digit:]]+) / -?[[:digit:]]+\.[[:digit:]] \
sieve_spamtest_status_type = score trash = /etc/dovecot/dovecot-trash.conf.ext
zlib_save = xz
zlib_save_level = 6
}
protocols = imap lmtp
service auth-worker {
group = smtpd
user = $default_internal_user
}
service auth {
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
service dovecot-lda {
executable = script /usr/lib/dovecot/dovecot-lda.sh
unix_listener sieve-pipe/dovecot-lda {
mode = 0600
user = vmail
}
user = vmail
}
service filter_rspamc {
executable = script /usr/lib/dovecot/filter_rspamc.sh
group = vmail
unix_listener sieve-pipe/filter_rspamc {
mode = 0600
user = vmail
}
user = vmail
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service learn_ham {
executable = script /usr/lib/dovecot/learn_ham.sh
group = vmail
unix_listener sieve-pipe/learn_ham {
mode = 0600
user = vmail
}
user = vmail
}
service learn_spam {
executable = script /usr/lib/dovecot/learn_spam.sh
group = vmail
unix_listener sieve-pipe/learn_spam {
mode = 0600
user = vmail
}
user = vmail
}
service lmtp {
unix_listener lmtp {
group = vmail
mode = 0660
user = vmail
}
}
service pop3-login {
inet_listener pop3 {
port = 0
}
inet_listener pop3s {
port = 0
}
}
service quota-warning {
executable = script /usr/lib/dovecot/quota-warning.sh
unix_listener quota-warning {
group = vmail
mode = 0660
user = vmail
}
user = vmail
}
ssl = required
ssl_cert = </etc/acme/fullchain.cer
ssl_cipher_list = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_ \
SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GC \
M-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol lda {
mail_plugins = " quota trash zlib trees notify replication sieve zlib"
}
protocol imap {
mail_plugins = " quota trash zlib trees notify replication imap_quota imap_sieve \
imap_zlib zlib" }
protocol lmtp {
mail_plugins = " quota trash zlib trees notify replication sieve zlib"
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic