Sendmail mailer definition doesn't always obey U=username:group

Question

I'm attempting to use Dovecot virtual users with sendmail, based on this post using sendmail, dovecot-lda and sendmail's mailertable lookup.

This is mostly working. The only remaining issue is for email that originates on the local host (from cron or whatever). In this case, it appears the username:group in the sendmail mailer definition is ignored, and sendmail is using the uid/gid of the local user that sent the mail when running dovecot-lda.

Sendmail.mc has this:

Mdovecot,
    P=/usr/lib/dovecot/dovecot-lda,
    F=l59DFMPhnu,
    S=EnvFromL/HdrFromL,
    R=EnvToL/HdrToL,
    M=51200000,
    U=vmail:vmail,
    T=DNS/RFC822/X-Unix,
    A=/usr/lib/dovecot/dovecot-lda -d $u

This works fine for external email received by this host, but when sendmail attempts to deliver locally-originated email, it fails with the following errors from dovecot-lda (when the local user bitnami sends email to the virtual user greg):

Nov 24 09:59:46 aws dovecot: lda(greg): Fatal: setgid(122(vmail) from userdb lookup) failed with euid=1000(bitnami), gid=1000(bitnami), egid=1000(bitnami): Operation not permitted (This binary should probably be called with process group set to 122(vmail) instead of 1000(bitnami))
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592: to=greg@vmail, ctladdr=<bitnami@*deleted*> (1000/1000), delay=00:06:19, xdelay=00:00:00, mailer=dovecot, pri=180630, relay=dummy, dsn=4.0.0, stat=Deferred: dovecot mailer (/usr/lib/dovecot/dovecot-lda) exited with EX_TEMPFAIL

The EX_TEMPFAIL causes the mail to be queued, and it is stuck in the sendmail queue (eliciting the same error each queue run) until it times out and bounces.

This error seems to be saying the U=vmail:vmail entry in the Sendmail mailer def is being ignored in this case, but it is (one assumes) obeyed in the case where email comes from outside this site.

Can anyone explain what's going on here and how to fix it?

As requested, full logs

Nov 24 09:53:27 aws sm-mta[24592]: 0AO9rRtq024592: from=<bitnami@aws.*deleted*>, size=347, class=0, nrcpts=1, msgid=<202011240953.0AO9rRPG024591@aws.*deleted*>, proto=ESMTPS, daemon=MTA
-v4, relay=localhost [127.0.0.1]
Nov 24 09:53:27 aws sendmail[24591]: 0AO9rRPG024591: to=<greg@*deleted*>, ctladdr=bitnami@aws.*deleted* (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30089, relay=[127
.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (0AO9rRtq024592 Message accepted for delivery)
Nov 24 09:53:27 aws sm-mta[24593]: 0AO9rRtq024592: to=/home/greg/greg.mbox, ctladdr=<greg@*deleted*> (8/0), delay=00:00:00, xdelay=00:00:00, mailer=*file*, pri=90630, dsn=2.0.0, stat=Sent
Nov 24 09:53:27 aws sm-mta[24593]: 0AO9rRtq024592: to=greg@vmail, ctladdr=<bitnami@aws.*deleted*> (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=dovecot, pri=90630, relay=dummy, ds
n=4.0.0, stat=Deferred: dovecot mailer (/usr/lib/dovecot/dovecot-lda) exited with EX_TEMPFAIL
Nov 24 09:53:28 aws sm-mta[24593]: 0AO9rRtq024592: to=*myuser*@*also-deleted*, ctladdr=<bitnami@aws.*deleted*> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=90630, relay=asav.*also-deleted*. [x.x.x.x], dsn=2.0.0, stat=Sent (ok:  Message 473950264 accepted)
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592: SYSERR(root): putbody: write error: Broken pipe
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   0: fl=0x8000, mode=20666: CHR: dev=0/6, ino=6, nlink=1, u/gid=0/0, size=0
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   1: fl=0x8001, mode=20666: CHR: dev=0/6, ino=6, nlink=1, u/gid=0/0, size=0
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   2: fl=0x8001, mode=20666: CHR: dev=0/6, ino=6, nlink=1, u/gid=0/0, size=0
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   3: fl=0x2, mode=140777: SOCK localhost->[[UNIX: /run/systemd/journal/dev-log]]
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   4: fl=0x8002, mode=100640: dev=202/1, ino=1283627, nlink=1, u/gid=0/118, size=981
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   5: fl=0x8000, mode=100640: dev=202/1, ino=1285769, nlink=1, u/gid=0/118, size=13
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   6: fl=0x8000, mode=100640: dev=202/1, ino=1037622, nlink=1, u/gid=0/118, size=12288
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   7: fl=0x8000, mode=100640: dev=202/1, ino=1037622, nlink=1, u/gid=0/118, size=12288
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   8: fl=0x8000, mode=100640: dev=202/1, ino=1037621, nlink=1, u/gid=0/118, size=12288
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:   9: fl=0x8000, mode=100640: dev=202/1, ino=1037621, nlink=1, u/gid=0/118, size=12288
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:  11: fl=0x1, mode=10600: FIFO: dev=0/10, ino=10889509, nlink=1, u/gid=0/118, size=0
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592:  12: fl=0x0, mode=10600: FIFO: dev=0/10, ino=10889510, nlink=1, u/gid=0/118, size=0
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592: MCI@0x0: NULL
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592: MCI@0x0: NULL
Nov 24 09:59:46 aws sm-mta[24675]: 0AO9rRtq024592: to=greg@vmail, ctladdr=<bitnami@aws.*deleted*> (1000/1000), delay=00:06:19, xdelay=00:00:00, mailer=dovecot, pri=180630, relay=dummy, d
sn=4.0.0, stat=Deferred: dovecot mailer (/usr/lib/dovecot/dovecot-lda) exited with EX_TEMPFAIL

Initial email is delivered to three destinations, a local file (so i don't lose mail while all this is going on), a mailbox at my ISP, and failed attempt via dovecot-lda. The sequence at 9:59 repeats initially every 10 minutes, until the message eventually times out after 5 days.

Mail that is received via SMTP in this host is delivered fine, it's only mail that originates on this host that is failing.

Answer 1

It looks like direct delivery attempt instead of passing message to local sendmail daemon running as root [sendmail-8.12+ default installation way]

Is your sendmail binary installed as set group id?
It /etc/mail/submit.cf present?
Have you installed sendmail from your distribution package? [Which distribution?]