Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 6:22 AM, Charles Marcus cmar...@media-brokers.com wrote: ... What you are missing is that there is a very good reason that ONLY the output of doveconf -n is wanted here... It proves that you are using the settings you think you are using. # doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.4 disable_plaintext_auth = no log_path = /var/log/dovecot.log mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Sent Messages { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /var/mail/%d/users driver = passwd-file } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 ssl_cert = /etc/dovecot/dovecot.pem ssl_key = /etc/dovecot/private/dovecot.pem userdb { driver = passwd } ** # postconf -n alias_maps = hash:/etc/postfix/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix inet_interfaces = all inet_protocols = all mailbox_command = mailbox_size_limit = 0 mydestination = debian-x2.home.pvt, localhost.home.pvt, localhost myhostname = debian-x2.home.pvt mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_protocols = !SSLv2 !SSLv3 !PSK !SRP !KRB5 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = hash:/etc/postfix/aliases virtual_gid_maps = static:5000 virtual_mailbox_base = /var/mail virtual_mailbox_domains = hash:/etc/postfix/domains virtual_mailbox_maps = hash:/etc/postfix/mailboxes virtual_minimum_uid = 100 virtual_uid_maps = static:5000
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 6:44 AM, Charles Marcus cmar...@media-brokers.com wrote: On 4/1/2014 6:34 AM, Jeffrey Walton noloa...@gmail.com wrote: On Tue, Apr 1, 2014 at 6:22 AM, Charles Marcus cmar...@media-brokers.com wrote: ... What you are missing is that there is a very good reason that ONLY the output of doveconf -n is wanted here... It proves that you are using the settings you think you are using. # doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.4 disable_plaintext_auth = no So... where is auth_mechanisms? You said you had it set to # doveconf -n | head -1 # 2.1.7: /etc/dovecot/dovecot.conf # cat /etc/dovecot/dovecot.conf | grep -i auth_ auth_mechanisms = plain login digest-md5 cram-md5 #auth_proxy_self = Obviously, I don't know how. That's the file that conf dovecot claims it is using. It you know how to find out the conf file dovecot is *really* using, then please let me know. Jeff
[Dovecot] Book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin?
I'm looking for a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin The blog posts and the mini-HowTo's I am reading lack the detail to be useful to me (due to my own ignorance). Amazon does not list any books for sale. There are some hits when searching for Dovecot, but I expect them to be one section with the quality of a blog post or mini-HowTo. (I have two books on Red Hat and Fedora administration, and the discussions don't meet the quality of a blog post). Does anyone know of a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin? If there are no books with a structured treatment, then O'Reilly is always looking for authors: http://oreilly.com/oreilly/author/intro.csp.
Re: [Dovecot] Book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin?
On Tue, Apr 1, 2014 at 7:37 AM, Robert Schetterer r...@sys4.de wrote: Am 01.04.2014 13:22, schrieb Jeffrey Walton: ... Does anyone know of a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin? If there are no books with a structured treatment, then O'Reilly is always looking for authors: http://oreilly.com/oreilly/author/intro.csp. the problem of books, they are outdated quickly also they may specialized with one software only however you may read basics there Yes. O'Reilly's eBook attempts to address the issue with frequent updates published electronically. (Though I personally have a taste for paper). https://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ for a more ultimate setup description however you may have a look at http://www.amazon.co.uk/Book-Postfix-Ralf-Hildebrandt/dp/1593270011/ref=sr_1_2?s=booksie=UTF8qid=1396352179sr=1-2keywords=postfix Thank you very much. Jeff
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 8:19 PM, Joseph Tam jtam.h...@gmail.com wrote: Jeffrey Walton noloa...@gmail.com writes: passdb { args = /var/mail/%d/users driver = passwd-file } ... userdb { driver = passwd } Your userdb and passdb are not using the same DB: did you intend this? Yeah, I did not add that. That's coming from somewhere else (like the auth_mechanisms). I think Charles said it was a config file in a different directory. I'll be looking at in more detail soon. I suspect it one of these two lines from dovecot.conf: !include conf.d/*.conf or !include_try local.conf Related: what does the bang mean? I've got a programming background, and to me its a NOT. So I would read that as don't include conf.d/ It would have the same effect as commenting it out. Does the userdb have user@domain entries, rather than just user entries? user@domain I just performed a fresh install of Debian, so I can look at things without all the tutorial knob turning. Thanks for the help.
[Dovecot] Info on Config Sharing or Unfied Config?
Is there a wiki page or other resource on configuration sharing between Postfix and Dovecot? Or is there a unified config file somewhere that I can use for mail components (like Postfix, Dovecot, Clam, and Spam Assassin)? I'm finding that I need to add the same information in multiple places. For example, Postfix users go in /etc/postif/vmailboxes, but Dovecot uses a user/password database stored in /var/mail/%d/%u (or other methods). And the same certificates and keys get entered multiple times. I think (or hope) there's something better, but I have not come across the resource.
[Dovecot] Specifying passwd-file with virtual domains?
I'm trying to use virtual domains and I'm suffering a disconnect. I have two domains - foo.com and bar.com. On the filesystem, they are located at /var/mail/foo.com/ and /var/mail/bar.com/. Users are located at /var/mail/foo.com/john/, /var/mail/bar.com/jane/, etc. There are two password files with user:schemepassword entries. The scheme is {PLAIN}. They are located at /var/mail/foo.com/users and /var/mail/bar.com/users. According to the wiki, these are passwd-file databases (http://wiki2.dovecot.org/AuthDatabase/PasswdFile). I specified the following in my dovecot.conf. passdb { args = /var/mail/%d/users driver = passwd-file } Attempts to use the configuration result in an authentication failure. Here's an entry from dovecot.log when the failure happens: Mar 31 16:04:12 imap-login: Info: Disconnected (auth failed, 1 attempts in 5 secs): user=j...@foo.com, method=PLAIN, rip=127.0.0.1, lip=127.0.1.1, secured, session=n5/ajez1FgB/AAAB What exactly goes where to have Dovecot use the 'users' files to authenticate users? Thanks in advance and my apologies for the question. Two days of blog posts, mini-HowTo's and mailing lists has only help me discover ways to do things incorrectly. ** # dovecot --version 2.1.7 # doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.4 disable_plaintext_auth = no log_path = /var/log/dovecot.log login_trusted_networks = 127.0.0.1 mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } ... prefix = } passdb { args = /var/mail/%d/users driver = passwd-file } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 ssl_cert = /etc/dovecot/dovecot.pem ssl_key = /etc/dovecot/private/dovecot.pem userdb { driver = passwd }
[Dovecot] Dovecot not honoring configuration settings (auth failure)
My dovecot.conf has the following: # No results when searching the wiki disable_plaintext_auth = no # http://wiki2.dovecot.org/Authentication/Mechanisms auth_mechanisms = plain login digest-md5 cram-md5 When I attempt to run imapsync, I receive an error: Host2: host says it has NO CAPABILITY for AUTHENTICATE LOGIN imapsync also dumps the helo string, and it is missing: Host2: * OK [CAPABILITY IMAP4rev1 LITERAL+ ... STARTTLS AUTH=PLAIN] Dovecot ready. I've restarted the dovecot service with 'service dovecot restart' and even rebooted the machine. There is nothing reported in any on the log files (/var/mail/dovecot.log and /var/log/mail.level). Any ideas why dovecot is not honoring the setting in its config file? ** # dovecot --version 2.1.7 # doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.4 disable_plaintext_auth = no log_path = /var/log/dovecot.log mail_location = mbox:~/mail:INBOX=/var/mail/%u namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } ... prefix = } passdb { args = /var/mail/%d/users driver = passwd-file } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 ssl_cert = /etc/dovecot/dovecot.pem ssl_key = /etc/dovecot/private/dovecot.pem userdb { driver = passwd }
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Mon, Mar 31, 2014 at 5:39 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 31.03.2014 23:37, schrieb Jeffrey Walton: My dovecot.conf has the following: # No results when searching the wiki disable_plaintext_auth = no # http://wiki2.dovecot.org/Authentication/Mechanisms auth_mechanisms = plain login digest-md5 cram-md5 When I attempt to run imapsync, I receive an error: Host2: host says it has NO CAPABILITY for AUTHENTICATE LOGIN imapsync also dumps the helo string, and it is missing: Host2: * OK [CAPABILITY IMAP4rev1 LITERAL+ ... STARTTLS AUTH=PLAIN] Dovecot ready. I've restarted the dovecot service with 'service dovecot restart' and even rebooted the machine. There is nothing reported in any on the log files (/var/mail/dovecot.log and /var/log/mail.level). Any ideas why dovecot is not honoring the setting in its config file? and the settings are *really* in /etc/dovecot/dovecot.conf or in some .d-folder which may or may not be included? I believe they are in /etc/dovecot/dovecot.conf: # cat /etc/dovecot/dovecot.conf | grep -i auth_ auth_mechanisms = plain login digest-md5 cram-md5 #auth_proxy_self = Jeff
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Mon, Mar 31, 2014 at 6:29 PM, Joseph Tam jtam.h...@gmail.com wrote: Jeffrey Walton noloa...@gmail.com writes: I specified the following in my dovecot.conf. passdb { args = /var/mail/%d/users driver = passwd-file } Attempts to use the configuration result in an authentication failure. Here's an entry from dovecot.log when the failure happens: Mar 31 16:04:12 imap-login: Info: Disconnected (auth failed, 1 attempts in 5 secs): user=j...@foo.com, method=PLAIN, rip=127.0.0.1, lip=127.0.1.1, secured, session=n5/ajez1FgB/AAAB Just to confirm, your user specified in the passdb corresponds to what is being authenticated (i.e. client is authenticating as j...@foo.com, not jeff)? Otherwise, you'll need to add domains to your passdb, or configure username_format=%n Yes, I believe so: $ sudo cat /var/mail/foo.com/users # Generate passwords with: # doveadm pw -s PLAIN -p password # Real users t...@foo.com:{PLAIN}some-password j...@foo.com:{PLAIN}some-password In case it matters, here are the Postfix settings (but they should not apply since this is an IMAP exercise): $ sudo cat /etc/postfix/mailboxes # Real users t...@foo.com foo.com/tad/ j...@foo.com foo.com/jeff/ Its compiled with `postmap`: postmap /etc/postfix/mailboxes And then specified in `main.cf` with: virtual_mailbox_maps = hash:/etc/postfix/mailboxes And my two domains are handled similarly in `domains`. Jeff