Re: [Dovecot] Authentication issue
On 06/09/2012 09:19 PM, Daniel Parthey wrote: Hi Emiliano, Emiliano Rago wrote: I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth You might try to set up two instances of dovecot, one for plain, one for ssl: http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Uhmmm, I don't like too much that solution, anyway, thank you very much! Regards, Emiliano
Re: [Dovecot] Authentication issue
Hi Emiliano, Emiliano Rago wrote: I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth You might try to set up two instances of dovecot, one for plain, one for ssl: http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Regards Daniel
[Dovecot] Authentication issue
Hi, I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth The first is easily satisfied with auth_mechanisms = plain cram-md5 disable_plaintext_auth = yes but I don't know how to satisfy the second condition, if it's possible. Thanks for help, Emiliano Rago
Re: [Dovecot] Authentication issue.
On 12/18/2010 02:19 AM dmitri tchernov wrote: Thank you very much for your patience, Pascal. It appeared that imaptest wanted a fixed password (pass), regardless of test1's one. Thus, I set pass as the password in userlist.passwd for test1, so that imaptest eventually stop complaining. The user-password can be passed as commandline arg: imaptest … pass=SomeThing … See also: http://imapwiki.org/ImapTest/Examples Regards, Pascal -- The trapper recommends today: c01dcofe.1035...@localdomain.org
[Dovecot] Authentication issue.
Hi list, I try to run imaptest, but I get the following errors (as root): # ./imaptest copybox=Trash # or any other command in http://www.imapwiki.org/ImapTest/Examples Logi List Stat Sele Fetc Fet2 Copy Stor Dele Expu Appe Logo 100% 50% 50% 100% 100% 100% 33% 50% 100% 100% 100% 100% 30% 5% 5% 000000000000 10/ 10 000000000000 10/ 10 000000000000 10/ 10 000000000000 10/ 10 Error: root[4]: LOGIN failed: 4.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[3]: LOGIN failed: 3.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[5]: LOGIN failed: 5.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[2]: LOGIN failed: 2.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[6]: LOGIN failed: 6.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[10]: LOGIN failed: 10.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[7]: LOGIN failed: 7.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[1]: LOGIN failed: 1.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[8]: LOGIN failed: 8.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[9]: LOGIN failed: 9.1 NO [AUTHENTICATIONFAILED] Authentication failed. ^C # tail /var/log/mail.log: Dec 17 18:07:28 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=root, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:08:01 dovecot: last message repeated 19 times # tail /var/log/auth.log: Dec 17 18:07:24 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=root rhost=127.0.0.1 user=root Dec 17 18:08:01 auth: last message repeated 19 times Dec 17 18:08:01 CRON[13916]: pam_unix(cron:session): session opened for user root by (uid=0) Dec 17 18:08:02 CRON[13916]: pam_unix(cron:session): session closed for user root # dovecot --version 2.0.2 # /usr/bin/doveconf -n -c /etc/dovecot/dovecot.conf # 2.0.2: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-ipv6-64 x86_64 Ubuntu 10.10 ext4 auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes mail_location = dbox:/mnt/dovecot/users/%n mail_privileged_group = mail mbox_read_locks = fcntl dotlock mbox_write_locks = fcntl dotlock mmap_disable = yes passdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener auth-master { mode = 0600 user = doveusers } user = root } ssl = no userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = my-em...@gmail.com } I do not understand where the problem is. Do you have any idea? /dimitri
Re: [Dovecot] Authentication issue.
On 12/17/2010 06:16 PM dmitri tchernov wrote: … # ./imaptest copybox=Trash # or any other command in … Error: root[4]: LOGIN failed: 4.1 NO [AUTHENTICATIONFAILED] Authentication failed. … ^C # tail /var/log/mail.log: Dec 17 18:07:28 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=root, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:08:01 dovecot: last message repeated 19 times # dovecot --version 2.0.2 Version 2.0.8 is available … I do not understand where the problem is. Do you have any idea? Don't try to login as root. Use a human account. Regards, Pascal -- The trapper recommends today: 5e1f1e55.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On Fri, Dec 17, 2010 at 6:38 PM, Pascal Volk user+dove...@localhost.localdomain.orguser%2bdove...@localhost.localdomain.org wrote: On 12/17/2010 06:16 PM dmitri tchernov wrote:Dec 17 18:08:01 dovecot: last message repeated 19 times # dovecot --version 2.0.2 Version 2.0.8 is available … For some reasons, I can't update the version. I do not understand where the problem is. Do you have any idea? Don't try to login as root. Use a human account. Same errors.
Re: [Dovecot] Authentication issue.
On 12/17/2010 06:44 PM dmitri tchernov wrote: Same errors. Set auth_debug=yes, execute `dovecot realod` and check your logs (`doveadm log find`). Regards, Pascal -- The trapper recommends today: 5e1f1e55.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On Fri, Dec 17, 2010 at 6:49 PM, Pascal Volk user+dove...@localhost.localdomain.orguser%2bdove...@localhost.localdomain.org wrote: On 12/17/2010 06:44 PM dmitri tchernov wrote: Same errors. Set auth_debug=yes, execute `dovecot realod` and check your logs (`doveadm log find`). /var/log/syslog: Dec 17 18:54:17 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: auth: Debug: client out: FAIL#0111#011user=test1 Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=test1, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured /var/log/mail.log: Dec 17 18:54:14 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: client out: FAIL#0111#011user=test1 Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=test1, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: auth client connected (pid=16351) Dec 17 18:54:16 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=33814#011resp=hidden Dec 17 18:54:16 dovecot: auth: Debug: passwd-file(test1,127.0.0.1): lookup: user=test1 file=/mnt/dovecot/userlist.passwd /var/log/auth.log: Dec 17 18:54:12 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test1 rhost=127.0.0.1 user=test1 Dec 17 18:54:18 auth: last message repeated 19 times Dec 17 18:54:18 su[16279]: pam_unix(su:session): session closed for user test1 Regards, Pascal -- The trapper recommends today: 5e1f1e55.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On Fri, Dec 17, 2010 at 6:59 PM, dmitri tchernov mitia.tcher...@gmail.comwrote: On Fri, Dec 17, 2010 at 6:49 PM, Pascal Volk user+dove...@localhost.localdomain.orguser%2bdove...@localhost.localdomain.org wrote: On 12/17/2010 06:44 PM dmitri tchernov wrote: Same errors. Set auth_debug=yes, execute `dovecot realod` and check your logs (`doveadm log find`). /var/log/syslog: Dec 17 18:54:17 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: auth: Debug: client out: FAIL#0111#011user=test1 Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=test1, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured /var/log/mail.log: Dec 17 18:54:14 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: client out: FAIL#0111#011user=test1 Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=test1, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: auth client connected (pid=16351) Dec 17 18:54:16 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=33814#011resp=hidden Dec 17 18:54:16 dovecot: auth: Debug: passwd-file(test1,127.0.0.1): lookup: user=test1 file=/mnt/dovecot/userlist.passwd /var/log/auth.log: Dec 17 18:54:12 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test1 rhost=127.0.0.1 user=test1 Dec 17 18:54:18 auth: last message repeated 19 times Dec 17 18:54:18 su[16279]: pam_unix(su:session): session closed for user test1 Uh, I also have: /var/log/mail.err: Dec 17 18:48:35 dovecot: auth: Error: userdb(test1,127.0.0.1): user not found from userdb passwd-file Dec 17 18:48:35 dovecot: imap: Error: Authenticated user not found from userdb When I check /mnt/dovecot/userlist.passwd, everything looks ok. Regards, Pascal -- The trapper recommends today: 5e1f1e55.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On 12/17/2010 07:02 PM dmitri tchernov wrote: When I check /mnt/dovecot/userlist.passwd, everything looks ok. Please show your configuration: doveconf -n Regards, Pascal -- The trapper recommends today: f007ba11.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On 12/17/2010 07:27 PM dmitri tchernov wrote: # /usr/bin/doveconf userdb userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } Well spotted, an UTF-8 character was in the file at the wrong place. I had: # doveadm user test1 userdb lookup: user test1 doesn't exist And now: # doveadm user test1 userdb: test1 uid : 1001 gid : 1001 # dovecot reload # I run the imaptest with user test1, and I have the following lines in /var/log/mail.log: Dec 17 19:22:48 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=49371#011resp=hidden Dec 17 19:22:48 dovecot: auth: Debug: passwd-file(test1,127.0.0.1): lookup: user=test1 file=/mnt/dovecot/userlist.passwd Dec 17 19:22:48 dovecot: auth: passwd-file(test1,127.0.0.1): Password mismatch Dec 17 19:22:48 dovecot: auth: Debug: pam(test1,127.0.0.1): lookup service=dovecot Dec 17 19:22:48 dovecot: auth: Debug: pam(test1,127.0.0.1): #1/1 style=1 msg=Password: Dec 17 19:22:50 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) # doveadm auth test1 the password supplied in userlist.passwd for this user passdb: test1 auth succeeded extra fields: user=test1 ,--[ …/conf.d/10-logging.conf ]-- | # In case of password mismatches, log the passwords and used scheme so the | # problem can be debugged. Enabling this also enables auth_debug. | #auth_debug_passwords = no `-- Set auth_debug_passwords to yes, Dovecot will log the reason why authentication fails. Regards, Pascal -- The trapper recommends today: f007ba11.1035...@localdomain.org
Re: [Dovecot] Authentication issue.
On Fri, Dec 17, 2010 at 7:57 PM, Pascal Volk user+dove...@localhost.localdomain.orguser%2bdove...@localhost.localdomain.org wrote: On 12/17/2010 07:27 PM dmitri tchernov wrote: # /usr/bin/doveconf userdb userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } Well spotted, an UTF-8 character was in the file at the wrong place. I had: # doveadm user test1 userdb lookup: user test1 doesn't exist And now: # doveadm user test1 userdb: test1 uid : 1001 gid : 1001 # dovecot reload # I run the imaptest with user test1, and I have the following lines in /var/log/mail.log: Dec 17 19:22:48 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=49371#011resp=hidden Dec 17 19:22:48 dovecot: auth: Debug: passwd-file(test1,127.0.0.1): lookup: user=test1 file=/mnt/dovecot/userlist.passwd Dec 17 19:22:48 dovecot: auth: passwd-file(test1,127.0.0.1): Password mismatch Dec 17 19:22:48 dovecot: auth: Debug: pam(test1,127.0.0.1): lookup service=dovecot Dec 17 19:22:48 dovecot: auth: Debug: pam(test1,127.0.0.1): #1/1 style=1 msg=Password: Dec 17 19:22:50 dovecot: auth: pam(test1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) # doveadm auth test1 the password supplied in userlist.passwd for this user passdb: test1 auth succeeded extra fields: user=test1 ,--[ …/conf.d/10-logging.conf ]-- | # In case of password mismatches, log the passwords and used scheme so the | # problem can be debugged. Enabling this also enables auth_debug. | #auth_debug_passwords = no `-- Set auth_debug_passwords to yes, Dovecot will log the reason why authentication fails. Thank you very much for your patience, Pascal. It appeared that imaptest wanted a fixed password (pass), regardless of test1's one. Thus, I set pass as the password in userlist.passwd for test1, so that imaptest eventually stop complaining. Regards, Pascal -- The trapper recommends today: f007ba11.1035...@localdomain.org
Re: [Dovecot] authentication issue - dovecot + Mysql
On Wed, 2008-09-24 at 19:08 +1200, Reinhard Sanjeet Lal wrote: dovecot: Sep 24 18:51:49 Info: pop3-login: Aborted login (auth failed, 1 attempts): user=rein, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured This says the authentication failed. Setting auth_debug=yes will make it log more and should help finding out the real problem. signature.asc Description: This is a digitally signed message part
[Dovecot] authentication issue - dovecot + Mysql
Hi, I have a FreeBSD 7.0 server with the following version of software's installed: postfix-2.5.4,1 postfixadmin-2.2.1.1 roundcube-0.2.a,1 php5 mysql-server-5.0.67 dovecot-1.1.3_1 Note that pre-reqs for all of the above also has been installed. I have used this guide to walk myself through the setup : http://www.purplehat.org/?page_id=4 My setup uses virtual domain and user style(mostly for hosting provider type) , all stored into the Mysql db, now when I try to telnet to port 110 for pop test or even telnet for IMAP test , I get this error: dovecot: Sep 24 18:51:49 Info: pop3-login: Aborted login (auth failed, 1 attempts): user=rein, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured note : there are numerous of there errors , but I included only this. Dovecot is not able to authenticate by using the query in its dovecot-sql.conf file. I have tried a lot of tricks by changing the mechanism MD5 , PLAIN LOGIN etc, but no avail. Please , could someone assist me in solving this issue, not that I can send and receive emails but pop and IMAP seems not to work , so is the webmail functionality . Here is my dovecot -n output : # 1.1.3: /usr/local/etc/dovecot.conf log_path: /var/log/dovecot.log protocols: imap imaps pop3 pop3s ssl_cert_file: /etc/ssl/dovecot/cert.pem ssl_key_file: /etc/ssl/dovecot/key.pem disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_greeting: Baby Is Ready. login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no verbose_proctitle: yes first_valid_uid: 125 last_valid_uid: 125 first_valid_gid: 125 last_valid_gid: 125 mail_privileged_group: mail mail_location: maildir:/usr/local/virtual/%d/%n maildir_copy_preserve_filename: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-se imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(pop3): pop3_enable_last(default): no pop3_enable_last(imap): no pop3_enable_last(pop3): yes pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: login plain cram-md5 digest-md5 plain login username_format: %Ln passdb: driver: sql args: /usr/local/etc/dovecot-sql.conf userdb: driver: sql args: /usr/local/etc/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 Reinhard Sanjeet Lal Manager Network Operations p + 679 3275040 f + 679 3275053 m + 679 9923147 e [EMAIL PROTECTED] http://www.unwired.com.fj www.unwired.com.fj disclaimer This transmission is for the intended addressee only and is confidential information. If you have received this transmission in error, please delete it and notify the sender. The contents of this e-mail are the opinion of the writer only and are not endorsed by Unwired Fiji unless expressly stated otherwise. Unwired Fiji has virus detection in place and makes every reasonable effort to ensure that this message is free from viruses. However, you should scan this message and any attachments for viruses. Under no circumstances will Unwired Fiji accept liability for any loss or damage that may result from your receipt of this message or any attachments. image001.jpg