NFS and Maildir

Discussion in 'Installation/Configuration' started by achaian, Jan 4, 2007.

  1. achaian

    achaian New Member

    After following the excellant tutorials for Ubuntu Dapper Drake and ISPConfig everything was working like a charm! Thanks for that!

    My question. What permissions are required by Postfix/Procmail and Courier to deliver mail to Maildirs on an NFS share?

    Everything works great when run locally. When I mount the NFS share I have problems with delivery and logins. I have struggled with this for about 2 days now. My snap appliance is rather slim on documentation and the NFS documentation for it is even slimmer. I have given root all permissions on the export and everything works great for setting up/running websites etc. The only issue I am having is with Maildirs. Postfix can't deliver, Courier is getting permission denied errors and I am unable to login with SquirelMail (or any other mail client).

    Any help is appreciated. RTFM accepted as well, please, just point me in the right direction.

    TIA

    Brian

    ++++++++++++++++++++++++++++++++++++++++++++

    Example.com used in place of real domain.....

    My FSTAB entry (I'd like to get rid of suid if possible)
    Code:
    10.0.1.20:/www  /var/www        nfs     rw,hard,intr,exec,suid  0  0
    My Postfix main.cf

    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = mail.example.com, apollo.example.com, localhost.example.com, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names
    Mail.err
    Code:
    tail mail.err
Jan  3 20:29:40 apollo courierpop3login: rename(./new/1167863500.10513_0.apollo.example.com,./cur/1167863500.10513_0.apollo.example.com:2,) failed: Permission denied
Jan  3 20:29:40 apollo courierpop3login: rename(./new/1167863496.10496_0.apollo.example.com,./cur/1167863496.10496_0.apollo.example.com:2,) failed: Permission denied
Jan  3 20:29:41 apollo courierpop3login: Error while saving courierpop3dsizelist, user=web2_mckenzbJan  3 20:30:56 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Jan  3 21:27:55 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Jan  3 22:06:32 apollo imaplogin: DISCONNECTED, user=web2_mckenzb, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Jan  3 22:20:05 apollo courierpop3login: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jan  3 23:10:41 apollo courierpop3login: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jan  4 01:14:27 apollo postfix/sendmail[6964]: fatal: usage: sendmail [options]
Jan  4 08:46:45 apollo imapd-ssl: LOGIN FAILED, ip=[::ffff:10.0.1.11]
    Code:
    droot@apollo:/var/www/web4# ls -la /var/www/web4/user/
total 24
drwxr-x--- 3 root web4 1024 2007-01-03 23:51 .
drwxr-xrwx 9 root web4 1024 2007-01-04 03:58 ..
-r-------- 1 root root    0 2007-01-03 23:51 .no_delete
drwxr-x--- 4 root web4 1024 2007-01-04 01:37 web4_mckenzb
    Code:
    root@apollo:/var/www/web4# ls -la
total 96
drwxr-xrwx 9 root web4 1024 2007-01-04 03:58 .
drwxr-xr-x 7 root root 1024 2007-01-04 00:28 ..
drwxr-x--- 2 root web4 1024 2007-01-03 23:51 cgi-bin
-rw------- 1 root web4   24 2007-01-04 01:37 .forward
drwxrwxr-x 3 root web4 1024 2007-01-03 23:51 ftp
-rw-rw-r-- 1 root web4   27 2007-01-04 03:58 .htpasswd
drwxr-x--- 3 root web4 1024 2007-01-04 00:28 log
lrwxr-x--- 1 root web4   39 2007-01-04 01:37 Maildir -> /var/www/web4/user/web4_mckenzb/Maildir
drwxr-x--- 2 root web4 1024 2007-01-03 23:51 phptmp
-rw-r--r-- 1 root root  465 2007-01-04 01:37 .procmailrc
drwxr-x--- 2 root web4 1024 2007-01-03 23:52 ssl
drwxr-x--- 3 root web4 1024 2007-01-03 23:51 user
lrwxr-x--- 1 root web4   47 2007-01-04 01:37 .vacation.cache -> /var/www/web4/user/web4_mckenzb/.vacation.cache
drwxr-x--- 4 root web4 1024 2007-01-04 03:58 web
     
    achaian, Jan 4, 2007
    #1
  2. martinfst

    martinfst Member Moderator

    A general remark: Using Postfix maildir's on NFS in generally considered a bad thing. See the Postfix mailing list. You will run eventually into a locking problem, which can cause lost mail.
     
    martinfst, Jan 4, 2007
    #2
  3. achaian

    achaian New Member

    I don't know much about these things so if I'm incorrect, I apologize.....

    I was under the impression maildir was the only way to go via NFS? I thought that locking issues were associated with mbox and NFS.

    ++++++++++++++++++++++++++
    http://www.postfix.org/NFS_README.html

    ++++++++++++++++++++++++++
     
    achaian, Jan 4, 2007
    #3
  4. martinfst

    martinfst Member Moderator

    From the same document:
    I just refer to the several emails I recall to have seen on the Postfix Users mailing list and the troubles it gives. Could well depend on the load on the mail/nfs servers. Personally I would try to avoid using NFS, but I agree this could depend on your specific situation.
     
    martinfst, Jan 4, 2007
    #4
  5. achaian

    achaian New Member

    I appreciate your response. Thank You.

    I am trying to work on a shoestring budget. The server doesn't have much storage space but I have the snapserver with 400+GB that I picked up cheap from ebay. My email archive is extensive and I needed room to put it. Thought the snap might be a nice place to store websites and emails. Everything works very well, I just can't seem to get over the permissions denied issues with postfix/courier.

    Thanks again for the words of wisdom, as I said I am not well rounded in Postfix/Courier.
     
    achaian, Jan 4, 2007
    #5
  6. martinfst

    martinfst Member Moderator

    NFS normally uses a anonymous user. Maybe you can mount as a nfs4 type filesystem. You can do user mapping between the two systems. I have only seen this in the man pages, I haven't used nfs4 myself.
     
    martinfst, Jan 4, 2007
    #6

Share This Page