Cyrus deliver doesn't work (Permission denied)

thilo_wagner at thilo_wagner at
Thu Feb 5 12:38:22 EST 2004

Hi everybody, 

I'm trying to setup a mailserver with postfix 2.0.17 & cyrus.
I'm using several virtual domains which are managed through Web-cyradm and a
MySQL DB. Authentification is done via sasl2.

The problem is, the the local mail delivery from the postfix input queue to
the cyrus IMAP mailboex doesn't work. The mails remain in the postfix queue
and I get the following errormessage: 

# tail /var/log/imapd.log

deliver[31642]: connect(/var/spool/postfix/private/lmtp) failed:
Permission denied

# tail /var/log/mail

postfix/qmgr[20817]: CC58D432B: from=<root at>, size=411,
nrcpt=1 (queue active) postfix/pipe[32737]: CC58D432B:
to=< at>,
orig_to=<testuser at>, relay=cyrus, delay=4571,
status=deferred (temporary failure. Command output: couldn't connect to
lmtpd: Permission denied_ 421 4.3.0 deliver: couldn't connect to lmtpd_ )

# ls -l /var/spool/postfix/private/lmtp

srw-rw-rw-    1 postfix  postfix         0 Feb  5 13:35

# mailq

-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
CC58D432B       411 Thu Feb  5 14:14:41  root at
(temporary failure. Command output: couldn't connect to lmtpd: Permission
denied_ 421 4.3.0 deliver: couldn't connect to lmtpd_ ) at

I'm not a linux expert and I'm now totaly at the end of my knowledge after I
searched for a couple of days in various mailinglists and the web. Any help
is welcome!

If you need any more informations or configuration data, please ask me. 
Here are a few parts of my configuration files, maybe they might help to
solve the problem. 

Thanks in advance, Thilo


cyrus     unix  -       n       n       -       -       pipe
  flags= user=cyrus argv=/usr/lib/cyrus/bin/deliver -r ${sender} -m
${extension} ${user}

I have one question for this. What is the parameter ${user} at the end of
the line for? 
I had a look what values these three variables have on runtime (by writing
them to a logfile instead of calling deliver). That's the result:

${sender} = root at
${extension} =
${user} = (empty)

Could it be that the connection to the lmtpd doesn't work because deliver
has to do some authentification or something like that?  Could the empty
variable ${user} be a reson that it doesn't work or is this normal? Or might be any
wrong set filepermissions the reason?


configdirectory: /var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus
allowanonymouslogin: no
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_mech_list: PLAIN
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieve_maxscripts: 5
servername: m13s21
sasl_pwcheck_method: saslauthd
lmtp_overquota_perm_failure: no
unixhierarchysep: yes
lmtpsocket: /var/spool/postfix/private/lmtp
tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem

# postconf -n

alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = 
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports = 
disable_dns_lookups = no
inet_interfaces =
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_size_limit = 51200000
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = masquerade_exceptions = root message_size_limit =
10240000 mydestination = $myhostname, localhost.$mydomain,
mysql:/etc/postfix/ myhostname =
mynetworks =, newaliases_path =
/usr/bin/newaliases program_directory = /usr/lib/postfix queue_directory =
/var/spool/postfix relayhost = relocated_maps =
hash:/etc/postfix/relocated sample_directory =
/usr/share/doc/packages/postfix/samples sender_canonical_maps =
hash:/etc/postfix/sender_canonical, mysql:/etc/postfix/
sendmail_path = /usr/sbin/sendmail setgid_group = maildrop
smtp_sasl_auth_enable = no smtpd_client_restrictions = smtpd_helo_required
= no smtpd_helo_restrictions = smtpd_recipient_restrictions =
smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions =
hash:/etc/postfix/access soft_bounce = yes strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450

GMX ProMail (250 MB Mailbox, 50 FreeSMS, Virenschutz, 2,99 EUR/Monat...)
jetzt 3 Monate GRATIS + 3x DER SPIEGEL +++ +++

Home Page:
List Archives/Info:

More information about the Info-cyrus mailing list