See answers inline
> On 15/04/2025 19:50 EEST Juergen Edner via dovecot <[email protected]>
> wrote:
>
>
> Hello,
> as Dovecot 2.4.1 has been published, I started investigation how I need
> to modify my existing Dovecot 2.3.x configuration, which worked
> flawlessly the last 5 years.
> With the help of the doveconf tool I've identified the parameters which
> need to be modified and I got rid of the error message at the end.
> Nevertheless, not getting any errors displayed, does not automatically
> mean, that it has correctly been configured.
>
> Here is the initial auth configuration and hopefully the right 2.4 version:
>
> Dovecot23: disable_plaintext_auth = yes
> auth_username_format = %Lu
> auth_mechanisms = plain login cram-md5
>
> passdb {
> driver = passwd-file
> args = username_format=%Lu /path/to/aliases-file
> }
>
> passdb {
> driver = passwd-file
> args = scheme=cram-md5 /path/to/cram-md5-file
> }
>
> userdb {
> driver = passwd
> }
>
> Dovecot24: auth_allow_cleartext = no
> auth_username_format = %{user | lower}
> auth_mechanisms = plain login cram-md5
>
> passdb aliases-file {
> passwd_file_path = /path/to/aliases-file
> }
>
> passdb md5-file {
> passwd_file_path = /path/to/cram-md5-file
> }
>
> userdb passwd-file {
> passwd_file_path = /etc/passwd
> }
>
> Here are my questions:
>
> - The first passdb configuration (aliases file) initially contained the
> "args = username_format=%Lu ..." option. Do I still need to convert this
> to a dedicated "auth_username_format = %{user | lower}" line or is this
> already covered by the global "auth_username_format" setting?
>
Yes, it's covered.
> - The second passdb configuration (cram-md5 file) initially contained
> the "args = scheme=cram-md5 ..." option. I couldn't find any replacement
> for it. Does this mean the only alternative would be to prefix all
> passwords in the password file with "{CRAM-MD5}"?
default_password_scheme = cram-md5
> - For the third userdb configuration (passwd file) I made use of the
> "passwd_file_path" parameter. Is this a valid replacement for the
> original "driver = passwd" entry or have I forgotten anything?
>
You are missing
driver = passwd-file
on all of them.
> BTW, I was curious if ChatGPT could do the job faster than me, but I can
> say "not yet". It made several errors and had to be corrected one by one
> but that might change in the future if more and more people are asking
> for support on this topic.
>
> Thanks Juergen
>
> --
> Mail: [email protected]
Aki
_______________________________________________
dovecot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
