Try configuring like this: passdb { args = scheme=SHA256 username_format=%u /etc/dovecot/users driver = passwd-file }
passdb { driver = static args = username=%n noauthenticate skip = authenticated } passdb { driver = pam skip = authenticated } On 05.09.2017 14:29, Pol Hallen wrote: > Sure :) thanks > > cat /var/log/dovecot/[...] > > Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131) > Sep 05 13:26:02 auth: Debug: client in: AUTH 1 PLAIN > service=imap secured session=JK0Bfm9YuqfAqAFk > lip=192.168.1.100 rip=192.168.1.100 lport=143 > rport=42938 resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== > (previous base64 data may contain sensitive data) > Sep 05 13:26:02 auth-worker(30088): Debug: > pam(use...@realsystem.org,192.168.1.100,<JK0Bfm9YuqfAqAFk>): lookup > service=username_format=user00 > Sep 05 13:26:02 auth-worker(30088): Debug: > pam(use...@realsystem.org,192.168.1.100,<JK0Bfm9YuqfAqAFk>): #1/1 > style=1 msg=Password: > ==> /var/log/dovecot.info <== > Sep 05 13:26:04 auth-worker(30088): Info: > pam(use...@realsystem.org,192.168.1.100,<JK0Bfm9YuqfAqAFk>): > pam_authenticate() failed: Authentication failure (password mismatch?) > (given password: pass) > ==> /var/log/dovecot.debug <== > Sep 05 13:26:04 auth: Debug: > passwd-file(use...@realsystem.org,192.168.1.100,<JK0Bfm9YuqfAqAFk>): > lookup: user=use...@realsystem.org file=/etc/dovecot/users > ==> /var/log/dovecot.info <== > Sep 05 13:26:04 auth: Info: > passwd-file(use...@realsystem.org,192.168.1.100,<JK0Bfm9YuqfAqAFk>): > unknown user (given password: pass) > ==> /var/log/dovecot.debug <== > Sep 05 13:26:06 auth: Debug: client passdb out: FAIL 1 > user=use...@realsystem.org > ==> /var/log/dovecot.info <== > Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1 > attempts in 4 secs): user=<use...@realsystem.org>, method=PLAIN, > rip=192.168.1.100, lip=192.168.1.100, secured > > doveconf -n > > # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.16 (fed8554) > # OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = login plain > auth_verbose = yes > auth_verbose_passwords = yes > debug_log_path = /var/log/dovecot.debug > disable_plaintext_auth = no > info_log_path = /var/log/dovecot.info > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c > mail_debug = yes > mail_home = /home/vmail/%d/%n/Maildir > mail_location = maildir:~/Maildir > mail_plugins = " quota quota" > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart > extracttext imapflags notify > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > subscriptions = yes > type = private > } > passdb { > args = username_format=%n > driver = pam > } > passdb { > args = scheme=SHA256 username_format=%u /etc/dovecot/users > driver = passwd-file > } > plugin { > mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename append flag_change > mail_log_fields = uid box msgid size from subject vsize > quota = maildir:User quota > quota_rule = *:storage=10000M > quota_rule2 = Junk:storage=+100M > quota_rule3 = SPAM:storage=+100M > quota_warning = storage=90%% quota-warning 90 %u > sieve = file:~/sieve;active=~/.dovecot.sieve > sieve_extensions = +notify +imapflags > } > protocols = " imap sieve pop3 sieve" > quota_full_tempfail = yes > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > vsz_limit = 64 M > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service quota-warning { > executable = script /root/bin/quota-warning.sh > unix_listener quota-warning { > mode = 0666 > user = vmail > } > user = root > } > ssl_cert = </etc/dovecot/dovecot.pem > ssl_dh_parameters_length = 2048 > ssl_key = # hidden, use -P to show it > userdb { > driver = passwd > } > userdb { > args = scheme=SHA256 username_format=%u /etc/dovecot/users > driver = passwd-file > } > userdb { > args = uid=vmail gid=vmail home=/home/vmail/%d/%n > driver = static > } > verbose_proctitle = yes > protocol lda { > mail_plugins = " quota quota sieve quota" > } > protocol imap { > mail_plugins = " quota quota imap_quota" > } > > > > > On 2017-09-05 13:01, Aki Tuomi wrote: > >> Can you provide >> >> doveconf -n (with the new config) >> >> enable auth_debug=yes, auth_verbose=yes and provide logs from >> authentication attempt? >> >> Aki >> >> On 05.09.2017 13:37, Pol Hallen wrote: thanks Aki, but with all your >> advices I've same problem: in the logs >> always I see the authentication with user and domain name, so dovecot >> doesn't accept it >> >> any idea? >> >> thanks! >> >> Pol >> >> On 2017-09-05 10:58, Aki Tuomi wrote: >> >> Oh right, you need to do it like this... >> >> after the passwd-file drivers add >> >> passdb { >> driver = static >> args = username=%n noauthenticate >> } >> >> Aki >> >> On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply >> >> I already tried with: >> >> username_format=%n or auth_username_format=%n but I've same problem >> >> Pol >> >> passdb { >> driver = pam >> args = username_format=%n >> } >> >> also you probably want to consider using driver=passwd instead, if you >> really don't need pam due to some special plugins. >> >> Aki > >