Why do I get the error Permission denied: creating lock file hitching post when Exim tries to do a local delivery?

Your configuration specifies that local mailboxes are all held in single directory, via configuration lines like these (taken from the default configuration):

local_delivery:
  driver = appendfile
  file = /var/mail/$local_part

and the permissions on the directory probably look like this:

drwxrwxr-x   3 root     mail         512 Jul  9 13:48 /var/mail/

Using the default configuration, Exim runs as the local user when doing a local delivery, and it uses a lock file to prevent any other process from updating the mailbox while it is writing to it. With those permissions the delivery process, running as the user, is unable to create a lock file in the /var/mail directory. There are two solutions to this problem:

1. Set the write and sticky bit permissions on the directory, so that it looks like this:

drwxrwxrwt   3 root     mail         512 Jul  9 13:48 /var/mail/

The w allows any user to create new files in the directory, but the t bit means that only the creator of a file is able to remove it. This is the same setting as is normally used with the /tmp directory.

2. Arrange to run the local_delivery transport under a specific group by changing the configuration to read

local_delivery:
  driver = appendfile
  file = /var/mail/${local_part}
  group = mail

The delivery process still runs under the user's uid, but with the group set to mail. The group permission on the directory allows the process to create and remove the lock file. The choice between (1) and (2) is up to the administrator. If the second solution is used, users can empty their mailboxes by updating them, but cannot delete them. If your problem involves mail to root, see also `FAQ/Filtering/Q0507`_.