Proxying only occurs if your **passdb** (not userdb), returns proxy=y host=some-other-host
If these are not present in **passdb** reply, then proxying does not occur. I wouldn't recommend running dovecot in mixed mode, having local and proxy feature in same instance. It will be always difficult. Aki > On 17/12/2019 12:27 Marc Roos <[email protected]> wrote: > > > Hi Aki, you have some ingenious remark that could help? > > > > -----Original Message----- > > To: aki.tuomi; dovecot > Subject: RE: Local lmtp proxy on backend server > > > > I am staring constantly at the same logs, this is what I get from > dovecot[1]. Sendmail[2] is sending with test@svr1 maybe this overrides > lmtp proxying? This is a test with a special-userdb passwd-file also > having host=svr2 > > [1] > Dec 16 16:30:16 svr1 dovecot: lmtp(16466): Debug: none: root=, index=, > indexpvt=, control=, inbox=, alt= Dec 16 16:30:16 svr1 dovecot: > lmtp(16466): Connect from local Dec 16 16:30:16 svr1 dovecot: auth: > Debug: master in: > PASS#0111#011test#011service=lmtp > Dec 16 16:30:16 svr1 dovecot: auth: Debug: passwd(test): cache miss Dec > 16 16:30:16 svr1 dovecot: auth-worker(16468): Debug: Loading modules > from directory: /usr/lib64/dovecot/auth Dec 16 16:30:16 svr1 dovecot: > auth-worker(16468): Debug: Module loaded: > /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so > Dec 16 16:30:16 svr1 dovecot: auth-worker(16468): Debug: Module loaded: > /usr/lib64/dovecot/auth/libdriver_sqlite.so > Dec 16 16:30:16 svr1 dovecot: auth-worker(16468): Debug: passwd-file > /etc/dovecot/special-userdb: Read 1 users in 0 secs Dec 16 16:30:16 svr1 > dovecot: auth-worker(16468): Debug: passwd(test): > lookup > Dec 16 16:30:16 svr1 dovecot: auth-worker(16468): passwd(test): invalid > password field '*' > Dec 16 16:30:16 svr1 dovecot: auth: Debug: passdb out: NOTFOUND#0111 Dec > 16 16:30:16 svr1 dovecot: lmtp(16466): Debug: auth PASS input: > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Loading modules from > directory: /usr/lib64/dovecot > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Module loaded: > /usr/lib64/dovecot/lib15_notify_plugin.so > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Module loaded: > /usr/lib64/dovecot/lib90_sieve_plugin.so > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Module loaded: > /usr/lib64/dovecot/libstorage_rbox_plugin.so > Dec 16 16:30:16 svr1 dovecot: auth: Debug: master in: > USER#0112#011test#011service=lmtp > Dec 16 16:30:16 svr1 dovecot: auth: Debug: passwd-file(test): lookup: > user=test file=/etc/dovecot/special-userdb Dec 16 16:30:16 svr1 dovecot: > auth: Debug: userdb out: > USER#0112#011test#011uid=8267#011gid=231#011home=/home/popusers/test > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: auth USER input: test > uid=8267 gid=231 home=/home/popusers/test Dec 16 16:30:16 svr1 dovecot: > lmtp(16466, test): Debug: Effective uid=8267, gid=231, > home=/home/popusers/test Dec 16 16:30:16 svr1 dovecot: lmtp(16466, > test): Debug: Namespace inbox: > type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, > subscriptions=yes location=rbox:~/rbox:INDEX=/home/popindex/test/index > Dec 16 16:30:16 svr1 dovecot: lmtp(16466, test): Debug: fs: > root=/home/popusers/test/rbox, index=/home/popindex/test/index, > indexpvt=, control=, inbox=, alt= Dec 16 16:30:16 svr1 dovecot: > lmtp(test): Debug: sieve: Pigeonhole version 0.4.24 (124e06aa) > initializing Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: sieve: > include: > sieve_global is not set; it is currently not possible to include > `:global' scripts. > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: file storage: Using active Sieve script path: > /home/popusers/test/.dovecot.sieve > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: file storage: Using script storage path: > /home/popusers/test/sieve > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: file storage: Relative path to sieve storage in active link: > sieve/ > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: file storage: Using Sieve script path: > /home/popusers/test/.dovecot.sieve > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: file script: Opened script `managesieve' from > `/home/popusers/test/.dovecot.sieve' > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: Using the following location for user's Sieve script: > /home/popusers/test/.dovecot.sieve > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Mailbox <lmtp DATA>: > Opened mail UID=1 because: header Message-ID (Cache file is unusable) > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: Opening script 1 of 1 from `/home/popusers/test/.dovecot.sieve' > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: Loading script /home/popusers/test/.dovecot.sieve > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > > sieve: Script binary /home/popusers/test/.dovecot.svbin successfully > loaded Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: > +FIiFQij911SQAAAzJXYRg: > sieve: binary save: not saving binary > /home/popusers/test/.dovecot.svbin, because it is already stored Dec 16 > 16:30:16 svr1 dovecot: lmtp(test): Debug: +FIiFQij911SQAAAzJXYRg: > sieve: Executing script from `/home/popusers/test/.dovecot.svbin' > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: INBOX: Mailbox opened > because: lib-lda delivery > Dec 16 16:30:16 svr1 dovecot: lmtp(test): Debug: Mailbox <lmtp DATA>: > Opened mail UID=1 because: copying > Dec 16 16:30:16 svr1 dovecot: lmtp(test): +FIiFQij911SQAAAzJXYRg: sieve: > > msgid=<[email protected]>: stored mail into > mailbox 'INBOX' > Dec 16 16:30:16 svr1 dovecot: lmtp(16466): Disconnect from local: > Successful quit > > [2] > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- 250-PIPELINING > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- 250-8BITMIME > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- 250-SIZE > 52428800 Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- > 250-DSN Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- > 250-ETRN Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- > 250-AUTH LOGIN PLAIN Dec 16 16:30:16 svr1 sendmail[16464]: > xBGFUGm7016464: --- 250-DELIVERBY Dec 16 16:30:16 svr1 sendmail[16464]: > xBGFUGm7016464: --- 250 HELP Dec 16 16:30:16 svr1 sendmail[16464]: > xBGFUGm7016464: <-- MAIL From:<[email protected]> SIZE=216 > [email protected] Dec 16 16:30:16 svr1 sendmail[16464]: > ruleset=trust_auth, [email protected], relay=localhost > [127.0.0.1], reject=550 5.7.1 <[email protected]>... not authenticated > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- 250 2.1.0 > <[email protected]>... Sender ok Dec 16 16:30:16 svr1 sendmail[16464]: > xBGFUGm7016464: <-- RCPT To:<[email protected]> Dec 16 16:30:16 svr1 > sendmail[16464]: xBGFUGm7016464: --- 250 2.1.5 <[email protected]>... > Recipient ok Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: <-- > DATA Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: --- 354 Enter > mail, end with "." on a line by itself Dec 16 16:30:16 svr1 > sendmail[16464]: STARTTLS=read, info: fds=11/4, > err=2 > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm7016464: > from=<[email protected]>, size=467, class=0, nrcpts=1, > msgid=<[email protected]>, proto=ESMTP, > daemon=MTA, relay=localhost [127.0.0.1] Dec 16 16:30:16 svr1 > sendmail[16464]: xBGFUGm7016464: --- 250 2.0.0 > xBGFUGm7016464 Message accepted for delivery Dec 16 16:30:16 svr1 > sendmail[16463]: xBGFUF9A016463: to=test, ctladdr=root (0/0), > delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30216, > relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent > (xBGFUGm7016464 Message accepted for delivery) Dec 16 16:30:16 svr1 > sendmail[16464]: STARTTLS=read, info: fds=11/4, > err=2 > Dec 16 16:30:16 svr1 sendmail[16464]: xBGFUGm8016464: <-- QUIT Dec 16 > 16:30:16 svr1 sendmail[16464]: xBGFUGm8016464: --- 221 2.0.0 > svr1.xxxxx.xxx closing connection Dec 16 16:30:16 svr1 sendmail[16465]: > last message repeated 2 times Dec 16 16:30:16 svr1 sendmail[16465]: > xBGFUGm7016464: > to=<[email protected]>, ctladdr=<[email protected]> (0/0), > delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30753, > relay=localhost, dsn=2.0.0, stat=Sent Dec 16 16:30:16 svr1 > sendmail[16465]: xBGFUGm7016464: done; delay=00:00:00, ntries=1 > > > -----Original Message----- > To: aki.tuomi; dovecot > Subject: RE: Local lmtp proxy on backend server > > > Hi Aki, > > If I adapt this configuration on svr1 like this[0], should the mail not > be delivered at svr2 passdb { > driver = pam > # [session=yes] [setcred=yes] [failure_show_msg=yes] > [max_requests=<n>] > # [cache_key=<key>] [<service name>] > #args = dovecot > default_fields = proxy=y host=svr2 > } > passdb { > driver = passwd > skip = authenticated > default_fields = proxy=y host=svr2 > } > > > > > -----Original Message----- > From: Aki Tuomi [mailto:[email protected]] > Sent: 16 December 2019 06:22 > To: Marc Roos; dovecot > Subject: Re: Local lmtp proxy on backend server > > > On 15/12/2019 23:09 Marc Roos < [email protected]> wrote: > > > I receive a local mail when I do a 'mail test' on a backend svr1 > with > this[0] configuration. However when I just add only one > configuration > change 'lmtp_proxy = yes' I am getting these errors[1]. I would > expect > this email to still be delivered locally, should this be working or > > > do I > misunderstand the lmtp proxy functionality? > > > [0] > passdb { > args = > auth_verbose = default > default_fields = proxy=y host=svr1 > deny = no > driver = pam > > > [1] > Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=, > index=, > indexpvt=, control=, inbox=, alt= > Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Connect from local > Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in: > PASS#0111#011test#011service=lmtp > Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb > doesn't > support credential lookups > Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out: > FAIL#0111#011reason=Configured passdbs don't support credentials > lookups > Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth > PASS > lookup returned temporary failure: reason=Configured passdbs don't > support credentials lookups > Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input: > reason=Configured passdbs don't support credentials lookups > > > dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64 > dovecot-2.2.36-3.el7_7.1.x86_64 > > > PAM does not support looking up users, so you cannot use it for LMTP > proxying. Try adding > > passdb { > driver = passwd > skip = authenticated > } > > after PAM block. > --- > Aki Tuomi
