lots of errors in maillog, why?
am a bit of a newbie, but I've recently built my first mail server (REHL with dovecot, postfix, SASL, ClamAV, MailScanner/SpamAssassin, PostGrey, SquirrelMail, Sieve).
Although I am yet to take it live (ie. redirect my MX records), my /var/log/maillog is starting to fill up with lots of log entries like this:
- the good bits of my /etc/postfix/main.cf read like this:
SpamAssassin is installed (it came with MailScanner), but i guess I've never properly looked into configuring it - i Fugured that MailScanner would have done this?
I have also changed all user passwords (granted I am using Linux system accounts), but this hasn't helped.
Also, we are on PLAIN + LOGIN as authentication options - I know that PLAIN isn't the best but I haven't been able to get an alternative working (yet). What are the odds of this being the PRIMARY problem here?
I have a root user enabled, but he does not have a home folder (ie. no mail folder). I am worried that the various mailing attempts to mail him (RCPT TO firstname.lastname@example.org) are being kept in limbo somewhere - instead of being deleted - because it can't find his mailbox?
Any thoughts would be great - I am due to take the box online soon, but the last thing i want it to do is to unknowingly be relaying spam - or worse - collecting wads of mail that might bring it crashing to a halt one day.
The first two lines are from postfix and don't look like errors.
The rest of the lines are from dovecot, so your postfix config is not helpful.
This says you are asking dovecot to do something in directory /root. That is the root user's home directory, so this is obviously wrong. Dovecot is started as a root process but drops root privileges so that an error in dovecot doesn't give root access to an attack. Post your dovecot config if you can't figure out the problem.
Thanks for the advise! I'm still having issues similar to the above, and haven't found the cause of it. I suspect it's something to do with dovecot's chrooting setup (which is admittedly the one area of dovecot that I haven't investigated a lot).
As an aside, I did find that I had 2x cron-based daily emails (one is logwatch, the other is a cron.daily report) that were attempting to send to email@example.com . I thought that this might be breaking things (As my mailboxes lie in their own custom location - /home/%u , and also I've not created a mailbox folder for 'root' user)... but even after redirecting cron+logwatch to a different address, these errors persist.
is something (perhaps someone externally) still trying to send stuff to firstname.lastname@example.org? or is it simply some problems with dovecot.conf? Am i relaying? Here are all of my dovecot.conf lines containing the word 'root':
|All times are GMT -5. The time now is 06:02 AM.|