Enter the following command to see the FQDN form of your hostname.

hostname -f

If your CentOS/RHEL server doesn’t have an FQDN yet, you can use hostnamectl to set one.

sudo hostnamectl set-hostname mail.yourdomain.com

 

 

 

 

 

 

 

 

Dovecot does not have permission to retrieve email from PostFix

Error message as below:

 

Mar 3 21:35:46 frankfu postfix/qmgr[43865]: 9539D40C6B9F: from=<xxxx@gmail.com>, size=2975, nrcpt=1 (queue active)
Mar 3 21:35:46 frankfu dovecot: lmtp(44454): Connect from local
Mar 3 21:35:46 frankfu dovecot: lmtp(frank): Error: fchown(/home/frank/mail/.imap, group=12(mail)) failed: Operation not permitted (egid=1000(frank), group based on /var/mrank – see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
Mar 3 21:35:46 frankfu dovecot: lmtp(frank): msgid=<xxxxB@gmail.com>: save failed to open mailbox INBOX: Permission denied
Mar 3 21:35:46 frankfu dovecot: lmtp(44454): Disconnect from local: Successful quit
Mar 3 21:35:46 frankfu postfix/lmtp[44453]: 9539D40C6B9F: to=<frank@frankfu.click>, relay=frankfu.click[private/dovecot-lmtp], delay=456, delays=456/0.02/0.02/0.03, dsn=4.status=deferred (host frankfu.click[private/dovecot-lmtp] said: 451 4.2.0 <frank@frankfu.click> Permission denied (in reply to end of DATA command))

Edit the configuration file for dovecot, which is  /etc/dovecot/conf.d/10-master.conf

Find below lines(about  line 77):

 

service auth {
 # auth_socket_path points to this userdb socket by default. It's typically
 # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
 # full permissions to this socket are able to get a list of all usernames and
 # get the results of everyone's userdb lookups.
 #
 # The default 0666 mode allows anyone to connect to the socket, but the
 # userdb lookups will succeed only if the userdb returns an "uid" field that
 # matches the caller process's UID. Also if caller's uid or gid matches the
 # socket's uid or gid the lookup succeeds. Anything else causes a failure.
 #
 # To give the caller full permissions to lookup all users, set the mode to
 # something else than 0666 and Dovecot lets the kernel enforce the
 # permissions (e.g. 0777 allows everyone full permissions).
 unix_listener auth-userdb {
 #mode = 0666
 #user =
 #group =
 }

# Postfix smtp-auth
 unix_listener /var/spool/postfix/private/auth {
#double check below lines, it was default 0666, change to 0660 can fix the issue.
 mode = 0660
 user = postfix
 group = postfix
 }

# Auth process is run as this user.
 #user = $default_internal_user
}

 

Reference

 

https://www.linuxbabe.com/redhat/run-your-own-email-server-centos-postfix-smtp-server

https://www.linuxbabe.com/redhat/install-dovecot-centos-enable-tls-encryption