2.3.14: posting to shared mailbox results in 550 Permission denied

Simon Matter simon.matter at invoca.ch
Thu May 28 10:28:21 EDT 2009


> On Thu, May 28, 2009 at 12:25:10PM +0200, Simon Matter wrote:
>> > Hi,
>> >
>> > I have a server which I upgraded recently from 2.3.13 to 2.3.14.
>> > Now I realized that sending mail to shared folders doesn't work
>> anymore.
>> > I have verified the problem on a test box and it looks like this:
>> >
>> > May 28 11:01:49 install lmtpunix[15085]: accepted connection
>> > May 28 11:01:49 install lmtpunix[15085]: lmtp connection preauth'd as
>> > postman
>> > May 28 11:01:49 install lmtpunix[15085]: verify_user(system) failed:
>> > Permission denied
>> > May 28 11:01:49 install postfix/lmtp[15077]: 87D6F34018:
>> > to=<+system at localhost.corp.invoca.ch>, orig_to=<+system at localhost>,
>> > relay=install.corp.invoca.ch[/var/lib/imap/socket/lmtp], delay=0.12,
>> > delays=0.09/0.01/0/0.03, dsn=5.7.1, status=bounced (host
>> > install.corp.invoca.ch[/var/lib/imap/socket/lmtp] said: 550-You do not
>> > have permission to post a message to this mailbox. 550-Please contact
>> the
>> > owner of this mailbox in order to submit 550-your message, or
>> postmaster
>> > if you believe you 550-received this message in error. 550 5.7.1
>> > Permission denied (in reply to RCPT TO command))
>> >
>> > The mailbox has the following permissions:
>> >
>> > localhost.localdomain> lam system
>> > anonymous p
>> > anyone lrs
>> >
>>
>> What fails with 2.3.14 is append_check() in verify_user().
>
> MAIL FROM:<brong at fastmail.fm>
> 250 2.1.0 ok
> RCPT TO:<bb+shared.foo>
> 250 2.1.5 ok
>
> With:
>
> postuser: bb
>
> In imapd.conf.  That seems to be what the docs recommend.  It looks like
> you're just using a naked "+mailbox at domain"?
>
> I'm a little confused.  Can you show me the config and how it's supposed
> to work?

OK, I think the postuser can be empty but how you did it is correct.
I have tested with postuser now and it's still the same. I have:

[root at client140 ~]# cat /etc/imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
postuser: bb

localhost.localdomain> lam *
system:
  anonymous p
  anyone lrs

And now I do:

[simix at somehost simix]$ telnet client140 24
Trying 192.168.10.140...
Connected to client140.
Escape character is '^]'.
220 client140.bi.corp.invoca.ch Cyrus LMTP v2.3.14-Invoca-RPM-2.3.14-4
server ready
MAIL FROM:<simon.matter at invoca.ch>
250 2.1.0 ok
RCPT TO:<bb+system>
550-You do not have permission to post a message to this mailbox.
550-Please contact the owner of this mailbox in order to submit
550-your message, or postmaster if you believe you
550-received this message in error.
550 5.7.1 Permission denied

As soon as I give p right to anyone it starts to work. But that was not
the case until 2.3.14 and I don't think that's how it should be.

Simon



More information about the Info-cyrus mailing list