Postfix unable to create lock file, permission denied


The postfix group should have Read/Write/Execute permissions on the /var/mail/vhosts folder.

Author: John Bowlinger

Updated on September 18, 2022

Comments

  • John Bowlinger
    John Bowlinger almost 2 years

    I thought I had my postfix configuration all set up on my Amazon Ubuntu server but I guess not. I'm trying to set up an admin email account for 3 virtually hosted Apache websites. Here's my postfix main.cf file:

    myhostname = ip-XX-XXX-XX-XXX.us-west-2.compute.internal
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = ip-XX-XXX-XX-XXX.us-west-2.compute.internal, localhost.us-west-2.compute.internal, , localhost
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    
    virtual_mailbox_domains = example1.com, example2.com, example3.com
    virtual_mailbox_base = /var/mail/vhosts
    virtual_mailbox_maps = hash:/etc/postfix/vmailbox
    virtual_minimum_uid = 100
    virtual_uid_maps = static:115
    virtual_gid_maps = static:115
    virtual_alias_maps = hash:/etc/postfix/virtual
    

    Here's my vmailbox file:

    [email protected]                  example1.com/admin
    [email protected]                  example2.com/admin
    [email protected]                  example3.com/admin
    @example1.com                       example1.com/catchall
    @example2.com                       example2.com/catchall
    @example3.com                       example3.com/catchall
    

    And finally my virtual file:

    [email protected]                 postmaster
    [email protected]                 postmaster
    [email protected]                 postmaster
    

    When I try to send an email through netcat to one of my domains, I get:

    unable to create lock file /var/mail/vhosts/example1.com/admin.lock: Permission denied
    

    This is despite the fact that I set example1.com group to postfix and also my virtual_uid_maps and virtual_gid_maps are both set to Postfix group id of 115.

    • Admin
      Admin over 11 years
      Does the postfix group have rwx rights on that folder?
    • Admin
      Admin over 11 years
      @LaurentiuRoescu It did not. I chmodded the directory to 0775 from 0755. The permissions are now: drwxrwsr-x 2 root postfix 4096 Nov 13 10:58 /var/mail/vhosts/example1.com. It works perfectly now. Post your answer as official so I can accept it. Thanks!
    • Admin
      Admin over 11 years
      I'll be a little more precise: Whatever GID you set in virtual_gid_maps needs to have write access to the folder. Other than that, this information was exactly what I was looking for. (For various reasons, I had set my virtual_gid_maps value to a different number than the group number for postfix, so just setting the group to postfix and setting the permissions as described did not resolve my issue.) A few minutes of thinking about it made it clear where I was screwing up, and I hope this helps someone else.
  • рüффп
    рüффп almost 6 years
    For me I gave 775 (root / mail) recursively (-R) and postfix user is in "mail" group but this is still not working. I restarted postfix but still have the issue.
  • рüффп
    рüффп almost 6 years
    I also tried to give 2770 like in this post but still the same issue.
  • Mike Dotterer
    Mike Dotterer over 5 years
    Depending on your configuration, it may not be the postfix group. It needs to match the user and group ids you configured in virtual_uid_maps and virtual_gid_maps. And if that user is postfix, it cannot violate the virtual_minimum_uid or you'll get a "mail system configuration error bad uid in virtual_uid_maps" error.
  • Thomas Ward
    Thomas Ward over 3 years
    Just to echo what @MikeDotterer said, this can be a case of the virtual_uid_maps or virtual_gid_maps value not being an existing group or not having write access. On an Ubuntu system, /var/mail (where we have to have the mailboxes because of legacy chaos reasons) is owned by mail (uid,gid=8) so we had to adjust minimum uid and the maps accordingly to the static value. BUT it's working for delivery now. Bit chaotic, but it's working...
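
The check the thread converges on, as an added example that is not part of the original posts: for each vmailbox row, confirm that the uid/gid from virtual_uid_maps and virtual_gid_maps can create files in the mailbox's parent directory and that the uid is not below virtual_minimum_uid. It assumes `static:` maps as in the question and compares plain mode bits only (no ACLs, no supplementary groups, no root special case); the function names are hypothetical.

```python
import os
import stat

# Settings and catch-all rows copied from the question's main.cf and vmailbox.
MAIN_CF = {"virtual_mailbox_base": "/var/mail/vhosts", "virtual_minimum_uid": "100",
           "virtual_uid_maps": "static:115", "virtual_gid_maps": "static:115"}
VMAILBOX = "@example1.com example1.com/catchall\n@example2.com example2.com/catchall\n"

def static_id(value):
    """Return N from a 'static:N' map value; other map types are out of scope."""
    kind, _, num = value.strip().partition(":")
    if kind != "static" or not num.isdigit():
        raise ValueError(f"expected static:<id>, got {value!r}")
    return int(num)

def can_create_in(directory, uid, gid):
    """Mode-bit check: may uid/gid create files (mailbox, .lock) in directory?"""
    st = os.stat(directory)
    if uid == st.st_uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif gid == st.st_gid:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return st.st_mode & need == need

def check_delivery(base, vmailbox_text, uid, gid, minimum_uid):
    """Return {mailbox: problem or None} for every two-field vmailbox row."""
    report = {}
    for line in vmailbox_text.splitlines():
        fields = line.split()
        if len(fields) != 2 or fields[0].startswith("#"):
            continue
        parent = os.path.dirname(os.path.join(base, fields[1]))
        problem = None  # None: the mailbox and its .lock file can be created
        if uid < minimum_uid:
            problem = f"uid {uid} is below virtual_minimum_uid {minimum_uid}"
        elif not os.path.isdir(parent):
            problem = f"{parent} is missing"
        elif not can_create_in(parent, uid, gid):
            mode = stat.filemode(os.stat(parent).st_mode)
            problem = f"{parent} ({mode}) not writable by {uid}:{gid}"
        report[fields[1]] = problem
    return report

if __name__ == "__main__":
    uid, gid = (static_id(MAIN_CF[k]) for k in ("virtual_uid_maps", "virtual_gid_maps"))
    base, low = MAIN_CF["virtual_mailbox_base"], int(MAIN_CF["virtual_minimum_uid"])
    for box, problem in check_delivery(base, VMAILBOX, uid, gid, low).items():
        print(box, "->", problem or "ok")
```

Run on the mail host, it reports each mailbox whose parent directory would produce the "unable to create lock file" error for the configured uid/gid.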