So I followed [the guide][1] on how to set up a simple mail filter with Postfix, so that I can do a find-replace in the body of outgoing emails. I created a script at /tmp/mailfilter.sh, and changed the /etc/postfix/master.cf file as instructed
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
-o content_filter=filter:dummy
filter unix - n n - 10 pipe
flags=Rq user=filter null_sender=
argv=/tmp/mailfilter.sh -f ${sender} -- ${recipient}
I created a user called filter and made it the owner of the script. But when I tried sending an email, I get the following error:
Jun 7 03:01:53 localhost postfix/qmgr[31288]: 134D944A0673: from=<sender@gmail.com>, size=894, nrcpt=1 (queue active)
Jun 7 03:01:53 localhost pipe[31603]: fatal: pipe_command: execvp /tmp/mailfilter.sh: Permission denied
Jun 7 03:01:53 localhost postfix/pipe[31562]: 134D944A0673: to=<receiver@gmail.com>, relay=filter, delay=8974, delays=8974/0/0/0.01, dsn=4.3.0, status=deferred (temporary failure. Command output: pipe: fatal: pipe_command: execvp /tmp/mailfilter.sh: Permission denied )
Specifically what I'm assuming is relevant is
(temporary failure. Command output: pipe: fatal: pipe_command: execvp /tmp/mailfilter.sh: Permission denied )
/tmp/mailfilter.sh has chmod a+x and is owned by filter. I tried removing everything in it so it's just an empty file, and I still get the permission denied error.
I can't figure out what I'm missing. I've set every permission I can find, but Postfix is doing something arcane that I don't understand.
