Postfix -> DSPAM -> Cyrus IMAPd

Gerald D. Anderson gander at
Tue May 31 13:48:37 EDT 2005

Greetings all,

  I'm having a problem that makes me think I'm just over looking
something silly, but for the life of me, I can't figure out what.   I am
sending emails from postfix to dspam as a mailbox_command:

/mailbox_command = /usr/bin/dspam --deliver=innocent --user $USER/

This seems to be working fine.  Then I have dspam set up to use cyrus
imap as the LDA:

/TrustedDeliveryAgent "/usr/lib/cyrus/deliver %u"

# Untrusted Delivery Agent: Specifies the local delivery agent and arguments
# DSPAM should use when delivering mail and running in untrusted user mode.
# Because DSPAM will not allow pass-through arguments to be specified to
# untrusted users, all arguments should be specified here. Use %u to specify
# the user DSPAM is processing mail for. This configuration parameter is
# necessary if you plan on allowing untrusted processing.
UntrustedDeliveryAgent "/usr/lib/cyrus/deliver %u"/

When dspam does this, I'm getting permission denied from lmtp:

/status=bounced (Command died with status 255: "/usr/bin/dspam
--deliver=innocent --user $USER". Command output: couldn't connect to
lmtpd: Permission denied_ 421 4.3.0 deliver: couldn't connect to lmtpd_
14536: [5/31/2005 6:27:16] Delivery agent returned error, exit code: 75,
command line: /usr/lib/cyrus/deliver gander

/By default, dspam runs as UID dspam, and is set 4711 :

/-rws--x--x  1 dspam dspam 163152 May 29 10:34 /usr/bin/dspam/

The permissions on the lmtp socket:

/srwxrwxrwx   1 root  root   0 May 29 10:04 lmtp

/I have tried setting dspam to setuid root:root, and setuid cyrus:mail
with no effect.  There is something here that I am definitely not
understanding.  Has anybody seen this, or see something stupid that I'm

I appreciate any help at all!



P.S.  My cyrus.conf just to make sure:

/# $Header:
/var/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/cyrus.conf,v 1.4
2004/07/18 04:02:23 dragonheart Exp $

# Standard standalone server configuration.

  # Do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # This is only necessary if using idled for IMAP IDLE.
  #idled                cmd="idled"

# UNIX sockets start with a slash and are put into /var/imap/socket.
  # Add or remove based on preferences.
  imap          cmd="imapd" listen="imap2" prefork=0
  pop3          cmd="pop3d" listen="pop-3" prefork=0

  # Don't forget to generate the needed keys for SSL or TLS
  # (see doc/html/install-configure.html).
  #imaps                cmd="imapd -s" listen="imaps" prefork=0
  #pop3s                cmd="pop3d -s" listen="pop3s" prefork=0

  sieve         cmd="timsieved" listen="sieve" prefork=0

  # at least one LMTP is required for delivery
  #lmtp         cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

  # this is only necessary if using notifications
  #notify       cmd="notifyd" listen="/var/imap/socket/notify"
proto="udp" prefork=1

  # This is required.
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # This is only necessary if using duplicate delivery suppression.
  delprune      cmd="ctl_deliver -E 3" period=1440

  # This is only necessary if caching TLS sessions.
  tlsprune      cmd="tls_prune" period=1440/

Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list