NFS and Maildir

Discussion in 'Installation/Configuration' started by achaian, Jan 4, 2007.

  1. achaian

    achaian New Member

    After following the excellant tutorials for Ubuntu Dapper Drake and ISPConfig everything was working like a charm! Thanks for that!

    My question. What permissions are required by Postfix/Procmail and Courier to deliver mail to Maildirs on an NFS share?

    Everything works great when run locally. When I mount the NFS share I have problems with delivery and logins. I have struggled with this for about 2 days now. My snap appliance is rather slim on documentation and the NFS documentation for it is even slimmer. I have given root all permissions on the export and everything works great for setting up/running websites etc. The only issue I am having is with Maildirs. Postfix can't deliver, Courier is getting permission denied errors and I am unable to login with SquirelMail (or any other mail client).

    Any help is appreciated. RTFM accepted as well, please, just point me in the right direction.

    TIA

    Brian

    ++++++++++++++++++++++++++++++++++++++++++++

    Example.com used in place of real domain.....

    My FSTAB entry (I'd like to get rid of suid if possible)
    Code:
    10.0.1.20:/www  /var/www        nfs     rw,hard,intr,exec,suid  0  0
    My Postfix main.cf

    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = mail.example.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = mail.example.com, apollo.example.com, localhost.example.com, localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = /etc/postfix/local-host-names
    
    Mail.err
    Code:
    tail mail.err
    Jan  3 20:29:40 apollo courierpop3login: rename(./new/1167863500.10513_0.apollo.example.com,./cur/1167863500.10513_0.apollo.example.com:2,) failed: Permission denied
    Jan  3 20:29:40 apollo courierpop3login: rename(./new/1167863496.10496_0.apollo.example.com,./cur/1167863496.10496_0.apollo.example.com:2,) failed: Permission denied
    Jan  3 20:29:41 apollo courierpop3login: Error while saving courierpop3dsizelist, user=web2_mckenzbJan  3 20:30:56 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
    Jan  3 21:27:55 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
    Jan  3 22:06:32 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
    Jan  3 22:20:05 apollo courierpop3login: LOGIN FAILED, ip=[::ffff:127.0.0.1]
    Jan  3 23:10:41 apollo courierpop3login: LOGIN FAILED, ip=[::ffff:127.0.0.1]
    Jan  4 01:14:27 apollo postfix/sendmail[6964]: fatal: usage: sendmail [options]
    Jan  4 08:46:45 apollo imapd-ssl: LOGIN FAILED, ip=[::ffff:10.0.1.11]
    
    Code:
    droot@apollo:/var/www/web4# ls -la /var/www/web4/user/
    total 24
    drwxr-x--- 3 root web4 1024 2007-01-03 23:51 .
    drwxr-xrwx 9 root web4 1024 2007-01-04 03:58 ..
    -r-------- 1 root root    0 2007-01-03 23:51 .no_delete
    drwxr-x--- 4 root web4 1024 2007-01-04 01:37 web4_mckenzb
    
    Code:
    root@apollo:/var/www/web4# ls -la
    total 96
    drwxr-xrwx 9 root web4 1024 2007-01-04 03:58 .
    drwxr-xr-x 7 root root 1024 2007-01-04 00:28 ..
    drwxr-x--- 2 root web4 1024 2007-01-03 23:51 cgi-bin
    -rw------- 1 root web4   24 2007-01-04 01:37 .forward
    drwxrwxr-x 3 root web4 1024 2007-01-03 23:51 ftp
    -rw-rw-r-- 1 root web4   27 2007-01-04 03:58 .htpasswd
    drwxr-x--- 3 root web4 1024 2007-01-04 00:28 log
    lrwxr-x--- 1 root web4   39 2007-01-04 01:37 Maildir -> /var/www/web4/user/web4_mckenzb/Maildir
    drwxr-x--- 2 root web4 1024 2007-01-03 23:51 phptmp
    -rw-r--r-- 1 root root  465 2007-01-04 01:37 .procmailrc
    drwxr-x--- 2 root web4 1024 2007-01-03 23:52 ssl
    drwxr-x--- 3 root web4 1024 2007-01-03 23:51 user
    lrwxr-x--- 1 root web4   47 2007-01-04 01:37 .vacation.cache -> /var/www/web4/user/web4_mckenzb/.vacation.cache
    drwxr-x--- 4 root web4 1024 2007-01-04 03:58 web
    
     
  2. martinfst

    martinfst Member Moderator

    A general remark: Using Postfix maildir's on NFS in generally considered a bad thing. See the Postfix mailing list. You will run eventually into a locking problem, which can cause lost mail.
     
  3. achaian

    achaian New Member

    I don't know much about these things so if I'm incorrect, I apologize.....

    I was under the impression maildir was the only way to go via NFS? I thought that locking issues were associated with mbox and NFS.

    ++++++++++++++++++++++++++
    http://www.postfix.org/NFS_README.html

    ++++++++++++++++++++++++++
     
  4. martinfst

    martinfst Member Moderator

    From the same document:
    I just refer to the several emails I recall to have seen on the Postfix Users mailing list and the troubles it gives. Could well depend on the load on the mail/nfs servers. Personally I would try to avoid using NFS, but I agree this could depend on your specific situation.
     
  5. achaian

    achaian New Member

    I appreciate your response. Thank You.

    I am trying to work on a shoestring budget. The server doesn't have much storage space but I have the snapserver with 400+GB that I picked up cheap from ebay. My email archive is extensive and I needed room to put it. Thought the snap might be a nice place to store websites and emails. Everything works very well, I just can't seem to get over the permissions denied issues with postfix/courier.

    Thanks again for the words of wisdom, as I said I am not well rounded in Postfix/Courier.
     
  6. martinfst

    martinfst Member Moderator

    NFS normally uses a anonymous user. Maybe you can mount as a nfs4 type filesystem. You can do user mapping between the two systems. I have only seen this in the man pages, I haven't used nfs4 myself.
     

Share This Page