Dovecot: missing +w perm: /var/mail, we're not in group 8(mail)
I can't figure out what I am missing. I'm setting up a new mail server and get this error every time I receive an email.
The user is inside the group mail
mail:x:8:dovecot,user.name
The directory permissions on /var/mail are:
drwxrwsr-x 3 root mail 4096 nov 11 12:20 mail/
This is the Dovecot configuration:
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 4.4.0-47-generic x86_64 Ubuntu 16.04.1 LTS ext4
auth_mechanisms = plain login
mail_location = mbox:/var/mail/%u
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
protocols = " imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl = no
userdb {
  driver = passwd
}
Do you read this documentation?
You must add
mail_privileged_group = mail
Or make /var/mail world-writable with sticky bit set, allowing anyone to create new files but not overwrite or delete existing files owned by someone else:
chmod a+rwxt /var/mail
In my own situation I've found that simply making sure that /var/mail is owned by the mail group and making sure that the user's group is set to mail as well is enough for this to work.
If you're sharing Dovecot's authentication system with other services (i.e., you're using /etc/passwd & /etc/shadow for user information and authentication instead of /etc/mail/passwd or some such), you'll want to at least make sure that the user has mail as one of its groups, even if it's not practical to make mail its primary group. In a shared authentication system scenario, you'll also want to have the mentioned mail_privileged_group parameter set to mail in dovecot.conf, or in one of its included configuration files, like so:
mail_privileged_group = mail
I should also note that 0770 should be the highest privileges you need to give to /var/mail. Dovecot will create the user's directory with user-only write permissions after it's created, so you don't have to worry about the group permissions getting inherited.
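A check for the two /var/mail layouts the answers describe (group-writable by mail, or world-writable with the sticky bit), added here as an example and not part of any answer above. The function names are hypothetical, and it assumes a `stat` that supports `-c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: classify a mail spool directory and report what to change.
# Function names are hypothetical; assumes GNU/BusyBox stat (-c format).

# spool_write_mode DIR GROUP -> prints how new mbox files can be created.
spool_write_mode() {
    dir=$1 want_group=$2
    mode=$(stat -c '%a' "$dir") || return 2    # e.g. 2775, 1777, 770
    group=$(stat -c '%G' "$dir") || return 2   # owning group name
    bits=$((0$mode))                           # read the mode as octal
    if [ $((bits & 0002)) -ne 0 ]; then
        if [ $((bits & 01000)) -ne 0 ]; then
            echo "world-writable-sticky"       # result of chmod a+rwxt
        else
            echo "world-writable-no-sticky"    # anyone can delete any mbox
        fi
    elif [ $((bits & 0020)) -ne 0 ] && [ "$group" = "$want_group" ]; then
        echo "group-writable"                  # e.g. root:mail with 0770
    else
        echo "not-writable-by-group"
    fi
}

# user_in_group USER GROUP -> exit 0 if GROUP is among USER's groups.
user_in_group() {
    id -Gn "$1" 2>/dev/null | tr ' ' '\n' | grep -Fqx -- "$2"
}

# check_spool DIR USER GROUP -> one-line verdict for this user.
check_spool() {
    state=$(spool_write_mode "$1" "$3") || return 2
    case $state in
        world-writable-sticky)
            echo "ok: any user can create files, sticky bit protects existing ones" ;;
        world-writable-no-sticky)
            echo "unsafe: world-writable without sticky bit, use 0770 or add +t" ;;
        group-writable)
            if user_in_group "$2" "$3"; then
                echo "ok: $2 is in $3; set mail_privileged_group = $3 if Dovecot still fails"
            else
                echo "fix: add $2 to $3 or set mail_privileged_group = $3"
            fi ;;
        *)
            echo "fix: make $1 group $3 and group-writable (0770)" ;;
    esac
}
```

For the setup in the question, run it as `check_spool /var/mail user.name mail`.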