6

I thought I had my postfix configuration all set up on my Amazon Ubuntu server but I guess not. I'm trying to set up an admin email account for 3 virtually hosted Apache websites. Here's my postfix main.cf file:

myhostname = ip-XX-XXX-XX-XXX.us-west-2.compute.internal
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ip-XX-XXX-XX-XXX.us-west-2.compute.internal, localhost.us-west-2.compute.internal, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

virtual_mailbox_domains = example1.com, example2.com, example3.com
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:115
virtual_gid_maps = static:115
virtual_alias_maps = hash:/etc/postfix/virtual

Here's my vmailbox file: 

admin@example1.com                  example1.com/admin
admin@example2.com                  example2.com/admin
admin@example3.com                  example3.com/admin
@example1.com                       example1.com/catchall
@example2.com                       example2.com/catchall
@example3.com                       example3.com/catchall

And finally my virtual file:

postmaster@example1.com                 postmaster
postmaster@example2.com                 postmaster
postmaster@example3.com                 postmaster

When I try to send an email to through netcat to my one of my domains, I get:

unable to create lock file /var/mail/vhosts/example1.com/admin.lock: Permission denied

This is despite the fact that I set example1.com group to postfix and also my virtual_uid_maps and virtual_gid_maps are both set to Postfix group id of 115.

John Bowlinger
  • 297
  • 1
  • 4
  • 13
  • 1
    Does the postfix group have rwx rights on that folder? – Laurentiu Roescu Nov 13 '12 at 06:33
  • @LaurentiuRoescu It did not. I chmodded the directory to 0775 from 0755. The permissions are now: drwxrwsr-x 2 root postfix 4096 Nov 13 10:58 /var/mail/vhosts/example1.com. It works perfectly now. Post your answer as official so I can accept it. Thanks! – John Bowlinger Nov 13 '12 at 16:04
  • 1
    I'll be a little more precise: Whatever GID you set in virtual_gid_maps needs to have write access to the folder. Other than that, this information was exactly what I was looking for. (For various reasons, I had set my virtual_gid_maps value to a different number than the group number for postfix, so just setting the group to postfix and setting the permissions as described did not resolve my issue.) A few minutes of thinking about it made it clear where I was screwing up, and I hope this helps someone else. – user152402 Jan 07 '13 at 18:53

1 Answers1

6

The postfix group should have Read/Write/Execute permissions on the /var/mail/vhosts folder.

voretaq7
  • 79,345
  • 17
  • 128
  • 213
Laurentiu Roescu
  • 2,246
  • 16
  • 17
  • For me I gave 775 (root / mail) recursively (-R) and postfix user is in "mail" group but this is still not working. I restarted postfix but still have the issue. – рüффп Jul 19 '18 at 13:56
  • I also tried to give 2770 like in [this post](https://superuser.com/a/737472/196634) but still the same issue. – рüффп Jul 19 '18 at 13:59
  • 1
    Depending on your configuration, it may not be the postfix group. It needs to match the user and group ids you configured in `virtual_uid_maps` and `virtual_gid_maps`. And if that user is postfix, it cannot violate the `virtual_minimum_uid` or you'll get a "mail system configuration error bad uid in virtual_uid_maps" error – Mike Dotterer Mar 14 '19 at 18:56
  • Just to echo what @MikeDotterer said, this can be a case of the `virtual_uid_maps` or `virtual_gid_maps` value not being an existing group or not having write access. On an Ubuntu system, `/var/mail` (where we have to have the mailboxes because of legacy chaos reasons) is owned by `mail (uid,gid=8)` so we had to adjust minimum uid and the maps accordingly to the static value. BUT it's working for delivery now. Bit chaotic, but it's working... – Thomas Ward Jan 02 '21 at 01:26