courier mta Virtual Users Deliver to mbox Instead of Maildir – Failure of maildrop – .mailfilter Doesn’t Work

In a recent server upgrade (and in fact in a prior server upgrade a few years back) I ran into a problem where my Courier Mail Server (courier-mta) virtual users (virtual domains) for use with IMAP or POP3 (and with ESMTP) no longer functioned correctly after the upgrade. I used courier on a fresh install of Ubuntu 20.04. I installed all the courier packages, including maildrop.

The problem was the mail was being delivered to a traditional mbox of the real system account I was using as the UID for virtual accounts. I was using an account called vmail and all the mail for the virtual users was being delivered into /var/mail/vmail in mbox format, rather than to the respecivet Maildir directories. Also, in my testing I found that the individual .mailfilter scripts were not being executed.

Perhaps you are even setting up a new courier server with virtual users (virtual domains), but you are just using the default apt-get install packages for courier. However, your virtual users are not working.

I was getting errors like these from courirerlocal:

/usr/bin/maildrop: Unable to create a dot-lock at /var/mail/3741.0.xxx.yyyyy.com.

OR

/usr/bin/maildrop: Unable to open mailbox.

I had copied the mysql database and the authmysqlrc and authdaemonrc from the old install on the old server. So surely that was all fine.

I recalled a similar issue during my last upgrade, but I failed to log what I had done. I knew it had something to do with /usr/bin/maildrop . So I checked the version of maildrop that install from apt on Ubuntu 20.04:

mybox> /usr/bin/maildrop -version
maildrop 2.9.3 Copyright 1998-2017 Double Precision, Inc.
GDBM/DB extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension are now always enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.

That sounded good. It’s from Double Precision, the maker of the courier mail server. It even says, “Courier Authentication Library extension enabled.” That sounded great! This has to be right maildrop.

Doesn’t it?

No. This is the generic maildrop from Double Precision. It lacks support for the courier style virtual users.

The maildrop you want is the one that comes with the courier sources (not with the courier package on Ubuntu apparently). But the confusion gets worse because the courier website has a maildrop package that you can download as a standalone. I tired this thinking I was getting the latest and great maildrop and all would be good. Nope.

mybox> /usr/local/bin/maildrop -version
maildrop 3.0.3 Copyright 1998-2018 Double Precision, Inc.
GDBM/DB extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension are now always enabled.
This program is distributed under the terms of the GNU General Public License. See COPYING for additional information.

Again, this has the Courier Authentication Library and everything. This has got to be right!

No.

Finally, I downloaded the sources (be sure to get Package: Courier and NOT Package: maildrop) for the entire courier package and built those (required adding a few things… I may do a full howto someday, but for now you have to figure this bit out on your own). I built these new sources and then copied the maildrop binary from: /path/to/courier-1.1.4/courier/maildrop over to /usr/bin/maildrop and everything magically worked. (You might also have to make maildrop setuid root depending on your install).

The correct maildrop looks like this:

mybox> /usr/bin/maildrop -version
maildrop 3.0.3 Copyright 1998-2018 Double Precision, Inc.
Courier-specific maildrop build. This version of maildrop should only be used with Courier, and not any other mail server.
GDBM/DB extensions enabled.
Maildir quota extension are now always enabled.
This program is distributed under the terms of the GNU General Public License. See COPYING for additional information.

Note the critical line, “Courier-specific maildrop build.” If your maildrop doesn’t spit out this line when you check the version it most likely is not going to work right with courier virtual users (virtual domains) when you use the following option in your /etc/courier/courierd configuration file.

DEFAULTDELIVERY="| /usr/bin/maildrop"

You need this magic version of maildrop to get virtual users to work right with mysql or with userdb, etc. If you have the wrong version of maildrop then your .mailfilter files will not get executed, and you may get various errors like these from courierlocal:

/usr/bin/maildrop: Unable to create a dot-lock at /var/mail/193271.0.xxx.yyyy.com.

OR

/usr/bin/maildrop: Unable to open mailbox.

Or all the mail for the virtual users may instead end up going to a mbox formatted mailbox in the system account you setup as the real id of your virtual users (mail or vmail, etc.).

This entry was posted in Uncategorized and tagged , , , , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.