Hello, I hope this is the right mailing list to send questions to. Please
direct me where to go if it is not. Thanks.
---
I am setting up a postfix/dovecot email server on a Debian 13 VPS. Dovecot
is v2.4.1. I have thus far been able to successfully configure the server
for smtp and imap support for my primary domain (we'll say
`[email protected]` who is a linux user with a home folder). I have been
even been able to configure postfix to have virtual mailboxes and aliases,
and from ssh I can can even see that the mail gets delivered to the
correct place. However, I am struggling to set up dovecot to authenticate
a virtual mailbox user (we'll say `[email protected]` who only has a
virtual mailbox).
[1]This documentation page describes the process to configure multiple
authentication databases. It describes being able to use multiple `passdb`
and `userdb` sections in order to authenticate dovecot users. Based upon
what it suggested, I tried this configuration:
## Snippet from /etc/dovecot/dovecot.conf ##
passdb passwd-file {
# So [2]example.net => /etc/dovecot/passwd/example.net
passwd_file_path = /etc/dovecot/passwd/%{user | domain}
}
# Fall thru to PAM for unix users
passdb pam {
}
userdb passwd-file {
passwd_file_path = /etc/dovecot/passwd/%{user | domain}
}
# Fall thru to /etc/passwd for unix users
userdb passwd {
}
## Snippet from /etc/dovecot/passwd/example.net ##
[3][email protected]:$y$j9...hash...:800:800::/var/postfix/virtual/example.net/support::
This is the configuration I landed on that hypothetically checks multiple
databases for authentication that allows at least `[email protected]` to
still login with Thunderbird and do email stuff. However it does not
authenticate `[email protected]`. The biggest difference between my config
and the example is that they use a `sql` database while I am trying the
`passwd-file` database. In principle this seems like it should work,
unless I am understanding the dovecot docs or have made my passwd file
incorrectly. I even tried reversing the order of `userdb` and `passdb`
sections to see if it would help to no avail.
[4]This thread seems to address a similar issue, and more or less has the
same configuration setup suggested as the one in the snippet above. It's
also from 2006 so the API looks kinda different from the current docs.
[5]This thread is from 2013 addressing a similar issue, but despite again
different API it translates to more or less what the snippet above shows.
Here is the journalctl output from when I tried to login as
`[email protected]`:
# journalctl -xeu dovecot | tail
Dec 29 11:38:19 [6]example.com auth[4719]: pam_unix(dovecot:auth): check
pass; user unknown
Dec 29 11:38:19 [7]example.com auth[4719]: pam_unix(dovecot:auth):
authentication failure; logname= uid=0 euid=0 tty=dovecot
[8][email protected] rhost=10.0.0.1
Dec 29 11:38:28 [9]example.com auth[4719]: pam_unix(dovecot:auth): check
pass; user unknown
Dec 29 11:38:28 [10]example.com auth[4719]: pam_unix(dovecot:auth):
authentication failure; logname= uid=0 euid=0 tty=dovecot
[11][email protected] rhost=10.0.0.1
Dec 29 11:41:19 [12]example.com dovecot[4700]: imap-login: Login
aborted: Inactivity (auth failed, 2 attempts in 180 secs) (auth_failed):
user=<[13][email protected]>, method=LOGIN, rip=10.0.0.1, lip=10.0.0.2,
TLS, session=<z8Tj3hlHkLxJMmuL>
The last message referring to "Inactivity" is because at that point
fail2ban blocked my IP, but before that it was consistent with results I
have been getting.
I'm at an absolute loss. I feel like I've trawled every doc I could find,
every config file involved in the setup process, all the Stack Exchange
answers that seem to exist. Honestly it baffles me to see that even what
looks like the same setup as official documentation, it just doesn't...
work? Can anybody point to me what is going wrong?
Thanks for reading,
~ Ethan Merrill
References
Visible links
1. This documentation page
https://doc.dovecot.org/2.4.2/core/config/auth/mutltiple.html
2. http://example.net/
3. mailto:[email protected]
4. This thread
https://dovecot.org/mailman3/archives/list/[email protected]/thread/VMXU2QUERJ43Y6KFQU5YBPVTZAW7LQV6/#7F5XM6F6F3SWOUU637CFUPZ65JMONZY4
5. This thread
https://dovecot.org/mailman3/archives/list/[email protected]/thread/YO3DFDRDDOSMTHXZV7KPQDFVSPSJ24J2/#3LEUQ5GKUFEEOKBR47J3UVUR6M7XJ5S3
6. http://example.com/
7. http://example.com/
8. mailto:[email protected]
9. http://example.com/
10. http://example.com/
11. mailto:[email protected]
12. http://example.com/
13. mailto:[email protected]
_______________________________________________
dovecot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
