Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 6:22 AM, Charles Marcus
cmar...@media-brokers.com wrote:
...
What you are missing is that there is a very good reason that ONLY the
output of doveconf -n is wanted here...
It proves that you are using the settings you think you are using.
# doveconf -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-686-pae i686 Debian 7.4
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox Sent Messages {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
passdb {
driver = pam
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3
ssl_cert = /etc/dovecot/dovecot.pem
ssl_key = /etc/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
**
# postconf -n
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
inet_protocols = all
mailbox_command =
mailbox_size_limit = 0
mydestination = debian-x2.home.pvt, localhost.home.pvt, localhost
myhostname = debian-x2.home.pvt
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_protocols = !SSLv2 !SSLv3 !PSK !SRP !KRB5
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/aliases
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail
virtual_mailbox_domains = hash:/etc/postfix/domains
virtual_mailbox_maps = hash:/etc/postfix/mailboxes
virtual_minimum_uid = 100
virtual_uid_maps = static:5000
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 6:44 AM, Charles Marcus cmar...@media-brokers.com wrote: On 4/1/2014 6:34 AM, Jeffrey Walton noloa...@gmail.com wrote: On Tue, Apr 1, 2014 at 6:22 AM, Charles Marcus cmar...@media-brokers.com wrote: ... What you are missing is that there is a very good reason that ONLY the output of doveconf -n is wanted here... It proves that you are using the settings you think you are using. # doveconf -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.4 disable_plaintext_auth = no So... where is auth_mechanisms? You said you had it set to # doveconf -n | head -1 # 2.1.7: /etc/dovecot/dovecot.conf # cat /etc/dovecot/dovecot.conf | grep -i auth_ auth_mechanisms = plain login digest-md5 cram-md5 #auth_proxy_self = Obviously, I don't know how. That's the file that conf dovecot claims it is using. It you know how to find out the conf file dovecot is *really* using, then please let me know. Jeff
[Dovecot] Book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin?
I'm looking for a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin The blog posts and the mini-HowTo's I am reading lack the detail to be useful to me (due to my own ignorance). Amazon does not list any books for sale. There are some hits when searching for Dovecot, but I expect them to be one section with the quality of a blog post or mini-HowTo. (I have two books on Red Hat and Fedora administration, and the discussions don't meet the quality of a blog post). Does anyone know of a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin? If there are no books with a structured treatment, then O'Reilly is always looking for authors: http://oreilly.com/oreilly/author/intro.csp.
Re: [Dovecot] Book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin?
On Tue, Apr 1, 2014 at 7:37 AM, Robert Schetterer r...@sys4.de wrote: Am 01.04.2014 13:22, schrieb Jeffrey Walton: ... Does anyone know of a book on Postfix/Dovecot or Postfix/Dovecot/Clam/Spam Assassin? If there are no books with a structured treatment, then O'Reilly is always looking for authors: http://oreilly.com/oreilly/author/intro.csp. the problem of books, they are outdated quickly also they may specialized with one software only however you may read basics there Yes. O'Reilly's eBook attempts to address the issue with frequent updates published electronically. (Though I personally have a taste for paper). https://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ for a more ultimate setup description however you may have a look at http://www.amazon.co.uk/Book-Postfix-Ralf-Hildebrandt/dp/1593270011/ref=sr_1_2?s=booksie=UTF8qid=1396352179sr=1-2keywords=postfix Thank you very much. Jeff
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Tue, Apr 1, 2014 at 8:19 PM, Joseph Tam jtam.h...@gmail.com wrote:
Jeffrey Walton noloa...@gmail.com writes:
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
...
userdb {
driver = passwd
}
Your userdb and passdb are not using the same DB: did you intend this?
Yeah, I did not add that. That's coming from somewhere else (like the
auth_mechanisms).
I think Charles said it was a config file in a different directory.
I'll be looking at in more detail soon. I suspect it one of these two
lines from dovecot.conf:
!include conf.d/*.conf
or
!include_try local.conf
Related: what does the bang mean? I've got a programming background,
and to me its a NOT. So I would read that as don't include
conf.d/ It would have the same effect as commenting it out.
Does the userdb have user@domain entries, rather than just user
entries?
user@domain
I just performed a fresh install of Debian, so I can look at things
without all the tutorial knob turning.
Thanks for the help.
[Dovecot] Info on Config Sharing or Unfied Config?
Is there a wiki page or other resource on configuration sharing between Postfix and Dovecot? Or is there a unified config file somewhere that I can use for mail components (like Postfix, Dovecot, Clam, and Spam Assassin)? I'm finding that I need to add the same information in multiple places. For example, Postfix users go in /etc/postif/vmailboxes, but Dovecot uses a user/password database stored in /var/mail/%d/%u (or other methods). And the same certificates and keys get entered multiple times. I think (or hope) there's something better, but I have not come across the resource.
[Dovecot] Specifying passwd-file with virtual domains?
I'm trying to use virtual domains and I'm suffering a disconnect.
I have two domains - foo.com and bar.com. On the filesystem, they are
located at /var/mail/foo.com/ and /var/mail/bar.com/. Users are
located at /var/mail/foo.com/john/, /var/mail/bar.com/jane/, etc.
There are two password files with user:schemepassword entries.
The scheme is {PLAIN}. They are located at /var/mail/foo.com/users and
/var/mail/bar.com/users. According to the wiki, these are passwd-file
databases (http://wiki2.dovecot.org/AuthDatabase/PasswdFile).
I specified the following in my dovecot.conf.
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
Attempts to use the configuration result in an authentication failure.
Here's an entry from dovecot.log when the failure happens:
Mar 31 16:04:12 imap-login: Info: Disconnected (auth failed, 1
attempts in 5 secs): user=j...@foo.com, method=PLAIN, rip=127.0.0.1,
lip=127.0.1.1, secured, session=n5/ajez1FgB/AAAB
What exactly goes where to have Dovecot use the 'users' files to
authenticate users?
Thanks in advance and my apologies for the question. Two days of blog
posts, mini-HowTo's and mailing lists has only help me discover ways
to do things incorrectly.
**
# dovecot --version
2.1.7
# doveconf -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-686-pae i686 Debian 7.4
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
login_trusted_networks = 127.0.0.1
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
...
prefix =
}
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
passdb {
driver = pam
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3
ssl_cert = /etc/dovecot/dovecot.pem
ssl_key = /etc/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
[Dovecot] Dovecot not honoring configuration settings (auth failure)
My dovecot.conf has the following:
# No results when searching the wiki
disable_plaintext_auth = no
# http://wiki2.dovecot.org/Authentication/Mechanisms
auth_mechanisms = plain login digest-md5 cram-md5
When I attempt to run imapsync, I receive an error:
Host2: host says it has NO CAPABILITY for AUTHENTICATE LOGIN
imapsync also dumps the helo string, and it is missing:
Host2: * OK [CAPABILITY IMAP4rev1 LITERAL+ ... STARTTLS
AUTH=PLAIN] Dovecot ready.
I've restarted the dovecot service with 'service dovecot restart' and
even rebooted the machine.
There is nothing reported in any on the log files
(/var/mail/dovecot.log and /var/log/mail.level).
Any ideas why dovecot is not honoring the setting in its config file?
**
# dovecot --version
2.1.7
# doveconf -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-686-pae i686 Debian 7.4
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
...
prefix =
}
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
passdb {
driver = pam
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3
ssl_cert = /etc/dovecot/dovecot.pem
ssl_key = /etc/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Mon, Mar 31, 2014 at 5:39 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 31.03.2014 23:37, schrieb Jeffrey Walton: My dovecot.conf has the following: # No results when searching the wiki disable_plaintext_auth = no # http://wiki2.dovecot.org/Authentication/Mechanisms auth_mechanisms = plain login digest-md5 cram-md5 When I attempt to run imapsync, I receive an error: Host2: host says it has NO CAPABILITY for AUTHENTICATE LOGIN imapsync also dumps the helo string, and it is missing: Host2: * OK [CAPABILITY IMAP4rev1 LITERAL+ ... STARTTLS AUTH=PLAIN] Dovecot ready. I've restarted the dovecot service with 'service dovecot restart' and even rebooted the machine. There is nothing reported in any on the log files (/var/mail/dovecot.log and /var/log/mail.level). Any ideas why dovecot is not honoring the setting in its config file? and the settings are *really* in /etc/dovecot/dovecot.conf or in some .d-folder which may or may not be included? I believe they are in /etc/dovecot/dovecot.conf: # cat /etc/dovecot/dovecot.conf | grep -i auth_ auth_mechanisms = plain login digest-md5 cram-md5 #auth_proxy_self = Jeff
Re: [Dovecot] Dovecot not honoring configuration settings (auth failure)
On Mon, Mar 31, 2014 at 6:29 PM, Joseph Tam jtam.h...@gmail.com wrote:
Jeffrey Walton noloa...@gmail.com writes:
I specified the following in my dovecot.conf.
passdb {
args = /var/mail/%d/users
driver = passwd-file
}
Attempts to use the configuration result in an authentication failure.
Here's an entry from dovecot.log when the failure happens:
Mar 31 16:04:12 imap-login: Info: Disconnected (auth failed, 1
attempts in 5 secs): user=j...@foo.com, method=PLAIN, rip=127.0.0.1,
lip=127.0.1.1, secured, session=n5/ajez1FgB/AAAB
Just to confirm, your user specified in the passdb corresponds to what
is being authenticated (i.e. client is authenticating as j...@foo.com,
not jeff)? Otherwise, you'll need to add domains to your passdb,
or configure username_format=%n
Yes, I believe so:
$ sudo cat /var/mail/foo.com/users
# Generate passwords with:
# doveadm pw -s PLAIN -p password
# Real users
t...@foo.com:{PLAIN}some-password
j...@foo.com:{PLAIN}some-password
In case it matters, here are the Postfix settings (but they should not
apply since this is an IMAP exercise):
$ sudo cat /etc/postfix/mailboxes
# Real users
t...@foo.com foo.com/tad/
j...@foo.com foo.com/jeff/
Its compiled with `postmap`:
postmap /etc/postfix/mailboxes
And then specified in `main.cf` with:
virtual_mailbox_maps = hash:/etc/postfix/mailboxes
And my two domains are handled similarly in `domains`.
Jeff
