Dovecot configuration error (Permission denied) - Email for root

Question

I have setup a local user called postman and logged into it using Thunderbird (IMAP). Following is being shown in the mail error log.

Dec 14 23:45:18 ams1 dovecot: lda(root): Fatal: Invalid user settings. Refer to server    log for more information.
Dec 14 23:45:18 ams1 dovecot: lda(root): Error: chdir(/root/) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700)
Dec 14 23:45:18 ams1 dovecot: lda(root): Error: chdir(/root) failed: Permission denied
Dec 14 23:45:18 ams1 dovecot: lda(root): Error: user root: Initialization failed:    Initializing mail storage from mail_location setting failed: stat(/root/Maildir) failed:    Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root, dir owned by 0:0 mode=0700)

How to solve it and how to exclude root from using mail?

/etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

/etc/postfix/main.cf

home_mailbox = Maildir/

Is there a better way of storing emails rather than in /home?

Answer 1

Delivery of email for root (MTA alias)

Standard security recommendation states that email to root should be redirected to non privileged user -> In postfix configuration create alias for root.

http://www.postfix.org/aliases.5.html

BTW AFAIR some file system (NFS?) map user root to user nobody.

Answer 2

Dovecot has configuration options:

first_valid_uid         = 26
last_valid_uid          = 0

first_valid_gid         = 6
last_valid_gid          = 0

All uids/gids below that values are treated as unacceptable and cause delivery fault. Sure you can easily change first valid uid to zero but, as mentioned above, much better to alias all root and system mail to the some nonprivileged account, preferrably virtual.