Re: Dovecot Master User: Access user's mailbox without owner's password

2019-11-26 Thread Marcio Merlone via dovecot 


Em 19/11/2019 12:59, John Stoffel via dovecot escreveu:

Marcio,
Looking at your passdb { } block, you don't have the "result_sucess =
continue" option.  Have you tried adding that to make it work?


Sorry for late reply, lone busy admin here

You spelled wrong, correct is result_success :

https://doc.dovecot.org/configuration_manual/authentication/master_users/

It is there, line 65 of https://pastebin.com/3cAvfNqB and yet no luck.

Thanks for your input.


--
*Marcio Merlone*

Re: Dovecot Master User: Access user's mailbox without owner's password

2019-11-19 Thread John Stoffel via dovecot 
> "Marcio" == Marcio Merlone via dovecot  writes:

Marcio> Sounds a lot like my problem, which I described some days ago
Marcio> here on the list, but no luck.  Please report to the list if
Marcio> you make any progress.

Marcio,
Looking at your passdb { } block, you don't have the "result_sucess =
continue" option.  Have you tried adding that to make it work?  

Marcio> Em 14/11/2019 10:41, Dav Rdrz via dovecot escreveu:

Marcio> Hi, I hope you're all right. I describe below the scenario where the
Marcio> problem occurs.
Marcio> I'm trying to activate a master user [1] to be able to access all 
the
Marcio> boxes of all users by imap.
Marcio> I have configured the dovecot-master-users [2] file with the
Marcio> appropriate permissions.
Marcio> When I try to access, for example with roundcube, through
Marcio> u...@mydomain.com*my_master_u...@not-exist.com
Marcio> I see in the log, that it seems to ignore the master-user (*) and
Marcio> tries to authenticate the Active Directory but with the master 
user's
Marcio> password. Then it shows in the log the messages

Marcio> auth: Info: ldap(u...@mydomain.com,127.0.0.1,<6sFGXE6XLwB/AAAB> )
Marcio> invalid credentials
Marcio> auth: Debug: client passdb out: FAIL 1 user=u...@mydomain.com

Marcio> I have other test cases, but I need to validate the master user 
login that way.

Marcio> I would appreciate any comments you can make and I am waiting to
Marcio> answer any questions.

Marcio> Regards,

Marcio> [1] 
https://doc.dovecot.org/configuration_manual/authentication/master_users/
Marcio> [2] https://docs.iredmail.org/dovecot.master.user.html

Marcio> 
---

Marcio> root@mail-01:/etc/dovecot# cat /etc/issue
Marcio> Ubuntu 14.04.5 LTS \n \l

Marcio> root@mail-01:/etc/dovecot# dpkg -l | grep dovecot | awk {'print $2" 
"$3'}
Marcio> dovecot-core 1:2.2.9-1ubuntu2.6
Marcio> dovecot-imapd 1:2.2.9-1ubuntu2.6
Marcio> dovecot-ldap 1:2.2.9-1ubuntu2.6
Marcio> dovecot-lmtpd 1:2.2.9-1ubuntu2.6
Marcio> dovecot-managesieved 1:2.2.9-1ubuntu2.6
Marcio> dovecot-mysql 1:2.2.9-1ubuntu2.6
Marcio> dovecot-pop3d 1:2.2.9-1ubuntu2.6
Marcio> dovecot-sieve 1:2.2.9-1ubuntu2.6

Marcio> root@mail-01:/etc/dovecot# cat dovecot.conf | grep -v '#' | grep -v 
-e
Marcio> '^$' | sed  "s/REALDOMAIN/mydomain/g"
Marcio> listen = * [::]
Marcio> mail_plugins = quota mailbox_alias acl
Marcio> protocols = pop3 imap sieve lmtp
Marcio> mail_uid = 2000
Marcio> mail_gid = 2000
Marcio> first_valid_uid = 2000
Marcio> last_valid_uid = 2000
Marcio> log_path = /var/log/dovecot.log
Marcio> auth_verbose = yes
Marcio> auth_debug = yes
Marcio> ssl_protocols = !SSLv2 !SSLv3
Marcio> ssl = required
Marcio> verbose_ssl = no
Marcio> ssl_ca =  ssl_cert =  ssl_key =  ssl_cipher_list =
Marcio> 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
Marcio> ssl_dh_parameters_length = 2048
Marcio> ssl_prefer_server_ciphers = yes
Marcio> disable_plaintext_auth = no
Marcio> mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/
Marcio> auth_default_realm = mydomain.com
Marcio> auth_mechanisms = PLAIN LOGIN
Marcio> service auth {
Marcio> unix_listener /var/spool/postfix/private/dovecot-auth {
Marcio> user = postfix
Marcio> group = postfix
Marcio> mode = 0666
Marcio> }
Marcio> unix_listener auth-master {
Marcio> user = vmail
Marcio> group = vmail
Marcio> mode = 0666
Marcio> }
Marcio> unix_listener auth-userdb {
Marcio> user = vmail
Marcio> group = vmail
Marcio> mode = 0660
Marcio> }
Marcio> }
Marcio> service lmtp {
Marcio> user = vmail
Marcio> process_min_avail = 5
Marcio> executable = lmtp -L
Marcio> unix_listener /var/spool/postfix/private/dovecot-lmtp {
Marcio> user = postfix
Marcio> group = postfix
Marcio> mode = 0600
Marcio> }
Marcio>

Re: Dovecot Master User: Access user's mailbox without owner's password

2019-11-19 Thread Marcio Merlone via dovecot 
Sounds a lot like my problem, which I described some days ago here on 
the list, but no luck. Please report to the list if you make any progress.


Regards,

Em 14/11/2019 10:41, Dav Rdrz via dovecot escreveu:

Hi, I hope you're all right. I describe below the scenario where the
problem occurs.
I'm trying to activate a master user [1] to be able to access all the
boxes of all users by imap.
I have configured the dovecot-master-users [2] file with the
appropriate permissions.
When I try to access, for example with roundcube, through
u...@mydomain.com*my_master_u...@not-exist.com
I see in the log, that it seems to ignore the master-user (*) and
tries to authenticate the Active Directory but with the master user's
password. Then it shows in the log the messages

auth: Info: ldap(u...@mydomain.com,127.0.0.1,<6sFGXE6XLwB/AAAB> )
invalid credentials
auth: Debug: client passdb out: FAIL 1 user=u...@mydomain.com

I have other test cases, but I need to validate the master user login that way.

I would appreciate any comments you can make and I am waiting to
answer any questions.

Regards,

[1] https://doc.dovecot.org/configuration_manual/authentication/master_users/
[2] https://docs.iredmail.org/dovecot.master.user.html

---

root@mail-01:/etc/dovecot# cat /etc/issue
Ubuntu 14.04.5 LTS \n \l

root@mail-01:/etc/dovecot# dpkg -l | grep dovecot | awk {'print $2" "$3'}
dovecot-core 1:2.2.9-1ubuntu2.6
dovecot-imapd 1:2.2.9-1ubuntu2.6
dovecot-ldap 1:2.2.9-1ubuntu2.6
dovecot-lmtpd 1:2.2.9-1ubuntu2.6
dovecot-managesieved 1:2.2.9-1ubuntu2.6
dovecot-mysql 1:2.2.9-1ubuntu2.6
dovecot-pop3d 1:2.2.9-1ubuntu2.6
dovecot-sieve 1:2.2.9-1ubuntu2.6

root@mail-01:/etc/dovecot# cat dovecot.conf | grep -v '#' | grep -v -e
'^$' | sed  "s/REALDOMAIN/mydomain/g"
listen = * [::]
mail_plugins = quota mailbox_alias acl
protocols = pop3 imap sieve lmtp
mail_uid = 2000
mail_gid = 2000
first_valid_uid = 2000
last_valid_uid = 2000
log_path = /var/log/dovecot.log
auth_verbose = yes
auth_debug = yes
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
ssl_ca = 
--
*Marcio Merlone*
TI - Administrador de redes

*A1 Engenharia - Unidade Corporativa*
Fone:   +55 41 3616-3797
Cel:+55 41 99689-0036

https://a1.ind.br/

Dovecot Master User: Access user's mailbox without owner's password

2019-11-14 Thread Dav Rdrz via dovecot 
Hi, I hope you're all right. I describe below the scenario where the
problem occurs.
I'm trying to activate a master user [1] to be able to access all the
boxes of all users by imap.
I have configured the dovecot-master-users [2] file with the
appropriate permissions.
When I try to access, for example with roundcube, through
u...@mydomain.com*my_master_u...@not-exist.com
I see in the log, that it seems to ignore the master-user (*) and
tries to authenticate the Active Directory but with the master user's
password. Then it shows in the log the messages

auth: Info: ldap(u...@mydomain.com,127.0.0.1,<6sFGXE6XLwB/AAAB> )
invalid credentials
auth: Debug: client passdb out: FAIL 1 user=u...@mydomain.com

I have other test cases, but I need to validate the master user login that way.

I would appreciate any comments you can make and I am waiting to
answer any questions.

Regards,

[1] https://doc.dovecot.org/configuration_manual/authentication/master_users/
[2] https://docs.iredmail.org/dovecot.master.user.html

---

root@mail-01:/etc/dovecot# cat /etc/issue
Ubuntu 14.04.5 LTS \n \l

root@mail-01:/etc/dovecot# dpkg -l | grep dovecot | awk {'print $2" "$3'}
dovecot-core 1:2.2.9-1ubuntu2.6
dovecot-imapd 1:2.2.9-1ubuntu2.6
dovecot-ldap 1:2.2.9-1ubuntu2.6
dovecot-lmtpd 1:2.2.9-1ubuntu2.6
dovecot-managesieved 1:2.2.9-1ubuntu2.6
dovecot-mysql 1:2.2.9-1ubuntu2.6
dovecot-pop3d 1:2.2.9-1ubuntu2.6
dovecot-sieve 1:2.2.9-1ubuntu2.6

root@mail-01:/etc/dovecot# cat dovecot.conf | grep -v '#' | grep -v -e
'^$' | sed  "s/REALDOMAIN/mydomain/g"
listen = * [::]
mail_plugins = quota mailbox_alias acl
protocols = pop3 imap sieve lmtp
mail_uid = 2000
mail_gid = 2000
first_valid_uid = 2000
last_valid_uid = 2000
log_path = /var/log/dovecot.log
auth_verbose = yes
auth_debug = yes
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
ssl_ca =