Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Philipp Kolmann
On 2010-06-30 16:26, 秋元 亮二 wrote:
 - Exim
 --
 dovecot_login:
   driver = dovecot
   public_name = LOGIN
   server_socket = /var/run/dovecot/auth-client
   server_set_id = $auth1

 dovecot_plain:
   driver = dovecot
   public_name = PLAIN
   server_socket = /var/run/dovecot/auth-client
   server_set_id = $auth2

 --

I have also $auth1 in dovecot_plain:

dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1


I have Debian with exim4-daemon-heavy and nothing ordinary.

hth
philipp


Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Frank Elsner
On Wed, 30 Jun 2010 23:26:09 +0900 秋元 亮二 wrote:
 
 Hi,
 
 I have some problem in Dovecot authorization in Exim for outgoing SMTP.
 
 Version of Exim is 4.69 and the Exim was compiled with AUTH_DOVECOT=yes
 and AUTH_PLAINTEXT=yes. Version of Dovecot is 1.2.12.
 
 I use SSL for IMAP.  Is Exim necessary to use SSL(TLS) for authorization
 of outgoing SMTP?

I guess NO because communication is via socket.

My exim-4.72 configuration (which doesn't use LOGIN) contains:

| plain:
|   driver = dovecot
|   public_name = PLAIN
|   server_socket = /var/run/dovecot/auth-client
|   server_set_id = $auth1


And the dovecot-1.2.12 configuration contains:

| auth default {
|   mechanisms = plain login
| 
|   passdb pam {
|     args = dovecot
|   }
| 
|   socket listen {
|     client {
|       # The client socket is generally safe to export to everyone. Typical use
|       # is to export it to your SMTP server so it can do SMTP AUTH lookups
|       # using it.
|       path = /var/run/dovecot/auth-client
|       mode = 0666
|     }
|   }
| }


Hope it helps. YMMV.


--Frank Elsner


Re: [Dovecot] forgot my password feature

2010-06-30 Thread Robert Schetterer
On 30.06.2010 14:09, Mustafa Cagatayli wrote:
 Hi,
 
 We have a mail server with the postfix/Squirrelmail/Dovecot(v.1.1.11)
 combination which we have user data on MySQL through virtual users. We
 have configured the SquirrelMail interface so that users can now change
 their own passwords.
 
 Is there any opensource solution to provide self service password
 management which would allow us to add the "I forgot my password. Let's
 reset it" feature which would do the authentication with the help of
 some random personal data or personal question/answer combination?
 
 
 Regards.
 
 
that has nothing to do with dovecot
what you need is a secret question script in a html gui etc
and a script sends it to an alternate mail address etc
as you use mysql should be no problem
use google like forgot password script php etc

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria


[Dovecot] Dovecot LDA/LDAP

2010-06-30 Thread Frank den Hartog
 I'm a total newbie with Dovecot LDA and LDAP. To be honest, I don't 
know what I'm doing.


My system runs CentOS 5.5, Postfix 2.3.3 and Dovecot 1.2.11. I try to 
set up Dovecot LDA. But whatever I'm trying, I fail.


2010-06-30T18:28:12.585128+02:00 h1690641 postfix/pipe[26443]: 
84F012A00A55: to=t...@domain.com, relay=dovecot, delay=0.07, 
delays=0.03/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown)


My current situation:

I'm using at the current server OpenLDAP, Postfix and Dovecot with the 
Postfix LDA. It works fine, but I want to use sieve. I've setup a second 
server. I'm using my current OpenLDAP directory.


The configurations:

/etc/dovecot.conf

# 1.2.11: /etc/dovecot.conf
# OS: Linux 2.6.18-028stab064.7 i686 CentOS release 5.5 (Final) reiserfs
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_location: maildir:/home/vmail/%i/Maildir/
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh
imap_client_workarounds(pop3):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
namespace:
  type: private
  separator: /
  location: maildir:/home/vmail/%i/Maildir/
  inbox: yes
  hidden: yes
  list: yes
  subscriptions: yes
lda:
  postmaster_address: postmas...@cocamsterdam.net
  sendmail_path: /usr/lib/sendmail
  auth_socket_path: /var/run/dovecot/auth-master
auth default:
  passdb:
    driver: ldap
    args: /etc/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 432
      user: vmail
      group: mail

/etc/dovecot-ldap.conf

hosts = host.server.com
dn = cn=Manager,dc=domain,dc=com
dnpass = blabla
ldap_version = 3
base = dc=domain,dc=com
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=posixAccount)(uid=%u))
pass_attrs = uid=user,userPassword=password,\
  homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
pass_filter = (&(objectClass=posixAccount)(uid=%u))

/etc/postfix/main.cf (Virtual settings)

virtual_alias_domains = $virtual_alias_maps
virtual_alias_expansion_limit = 1000
virtual_alias_maps = $virtual_maps
virtual_alias_recursion_limit = 1000
virtual_destination_concurrency_limit = $default_destination_concurrency_limit
virtual_destination_recipient_limit = $default_destination_recipient_limit
virtual_gid_maps = static:12
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = /etc/postfix/domains.cf
virtual_mailbox_limit = 5120
virtual_mailbox_lock = fcntl
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_minimum_uid = 100
virtual_transport = dovecot
virtual_uid_maps = static:500

/etc/postfix/master.cf (Dovecot settings)

dovecot   unix  -   n   n   -   -   pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient}


/etc/postfix/domains.cf

domain.com

/etc/postfix/ldap-users.cf

server_host = host.domain.com
search_base = dc=domain,dc=com
version = 3
query_filter = (&(objectclass=person)(mail=%s))
result_attribute = uid
result_format = %s/Maildir/

I've used http://www.linuxmail.info as an example. That works fine, but 
I want more.


[Dovecot] dovecot: pop3-login: Internal login failure - howto add dovecot users that are NO server users

2010-06-30 Thread Hans Neukomm
Hi all

my Linux system: opensuse 11.2
my mail system: postfix - dovecot

my key problem since several days googling and testing is:

how can I have a pop account with dovecot for a user if that user is NO
linux system user

it appears to me that most auth mechanisms somehow expect a mail user
also to be a linux system user  either to be found in the 
/etc/passwd
or
/etc/alias

on my 4 servers I have NO users at all registered, NO login at all for
any normal user - incl me. I strictly work as root and with serverkey
auth on a tightly secured system since many years

my goal is to have the most simple possible mail system - one user to
send/receive (me) may be a very few friends with a pop3 account - that's
that I have since many years - using cyrus.

now I want to move to dovecot and I missed somehow since many days
searching to find a simple howto add mail users - just for mail - pop3
and smtp, no imap, no home directory, etc

I think that most of the errors I get in my mail log are about user
unknown, I try different variations of postfix main.cf found in www the
result always is some error like the newest

dovecot: pop3-login: Internal login failures - below the last mail log -
after I added a user to /etc/passwd

hans:x:1000:100: yyy::/sbin/nologin

-

dovecot: auth(default): client in:
AUTH#0111#011PLAIN#011service=pop3#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=110#011rport=53082#011resp=AGhhbnMASThDc2F3TzgxRHhjUmVNOHVCaDBM


 
dovecot: auth(default): passwd-file(hans,127.0.0.1): lookup: user=hans
file=/etc/dovecot/passwd

dovecot: auth(default): client out:
OK#0111#011user=hans
   
dovecot: auth(default): master in:
REQUEST#0112#01115510#0111  

dovecot: auth(default): passwd(hans,127.0.0.1):
lookup  
   
dovecot: auth(default): master out:
USER#0112#011hans#011system_groups_user=hans#011uid=1000#011gid=100#011home=
   
dovecot: dovecot: Relative home directory paths not supported (user
hans):  
   
dovecot: pop3-login: Internal login failure (auth failed, 1 attempts):
user=hans, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured 

-

WITHOUT the user hans entry in /etc/passwd

I get the following mail log errors

-

Jul  1 02:43:01 kriyayoga dovecot: auth(default): new auth connection:
pid=17860
Jul  1 02:43:22 kriyayoga dovecot: auth(default): client in:
AUTH#0111#011PLAIN#011service=pop3#011lip=78.46.101.111#011rip=124.108.51.96#011lport=110#011rport=50152#011resp=AGhhbnMASThDc2F3TzgxRHhjUmVNOHVCaDBM
Jul  1 02:43:22 kriyayoga dovecot: auth(default):
passwd-file(hans,124.108.51.96): lookup: user=hans
file=/etc/dovecot/passwd
Jul  1 02:43:22 kriyayoga dovecot: auth(default): client out:
OK#0111#011user=hans
Jul  1 02:43:22 kriyayoga dovecot: auth(default): master in:
REQUEST#0112#01117840#0111
Jul  1 02:43:22 kriyayoga dovecot: auth(default):
passwd(hans,124.108.51.96): lookup
Jul  1 02:43:22 kriyayoga dovecot: auth(default):
passwd(hans,124.108.51.96): unknown user
Jul  1 02:43:22 kriyayoga dovecot: auth(default):
userdb(hans,124.108.51.96): user not found from userdb passwd
Jul  1 02:43:22 kriyayoga dovecot: auth(default): master out:
NOTFOUND#0112
Jul  1 02:43:22 kriyayoga dovecot: pop3-login: Internal login failure
(auth failed, 1 attempts): user=hans, method=PLAIN, rip=124.108.51.96,
lip=78.46.101.111

-


any help or pointer to a solution or howto setup dovecot pop3 accounts
for non-system users would be MOST welcome


greetings

hans




Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread 秋元 亮二

Thank you for the responses.

Do I need some settings for auth_advertise_hosts or ACL in Exim configuration 
and need ports other than 25th (SMTP)?

Thanks.


Re: [Dovecot] dovecot: pop3-login: Internal login failure - howto add dovecot users that are NO server users

2010-06-30 Thread Brent Bloxam

Hans Neukomm wrote:


any help or pointer to a solution or howto setup dovecot pop3 accounts
for non-system users would be MOST welcome


greetings

hans



See here: http://wiki.dovecot.org/AuthDatabase/PasswdFile

If you still need help after reading over that, post output of `dovecot -n`


Re: [Dovecot] dovecot 2.0.beta6 dies when I try to delete a folder with thunderbird

2010-06-30 Thread Sven Kirmess
On Mon, Jun 28, 2010 at 22:20, Timo Sirainen t...@iki.fi wrote:
 On Sun, 2010-06-27 at 15:34 +0200, Sven Kirmess wrote:
 When I try to delete a folder with Thunderbird 3.1 I get the following
 log entry and the folder is not deleted. Filesystem is ZFS.

 Jun 27 15:32:36 azati dovecot: [ID 583609 mail.error] master: Error:
 service(imap): child 18215 killed with signal 11 (core not dumped -
 set drop_priv_before_exec=yes)

 Can you reproduce this by talking imap protocol directly?

 telnet localhost 143
 a login user pass
 b delete mailboxname

 or possibly

 b rename mailboxname Trash/mailboxname

 gdb backtrace would be helpful: http://dovecot.org/bugreport.html

 I couldn't reproduce this, so it's also possible that it's already been
 fixed since beta6.

http://wiki.dovecot.org/Debugging/Thunderbird was very helpful. Thanks.

This is how I can reproduce it:

$ openssl s_client -connect localhost:993 -crlf


1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE
QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS]
Logged in
b list Trash *
* LIST (\HasNoChildren) / Trash
b OK List completed.
c list test2 *
* LIST (\HasNoChildren) / test2
c OK List completed.
d rename test2 Trash/test2
closed


And I get this:

dovecot: [ID 583609 mail.error] master: Error: service(imap): child
25432 killed with signal 11 (core not dumped - set
drop_priv_before_exec=yes)


Deleting a mailbox is possible, but not moving it to Trash.

 gdb backtrace would be helpful: http://dovecot.org/bugreport.html

I get this message in syslog:

core not dumped - set drop_priv_before_exec=yes

And when I set drop_priv_before_exec=yes in dovecot.conf I get this:

doveconf: Fatal: Error in configuration file
/etc/opt/dovecot/dovecot/dovecot.conf line 86: Unknown setting:
drop_priv_before_exec

Following http://dovecot.org/bugreport.html I set
mail_drop_priv_before_exec=yes in dovecot.conf and get:

doveconf: Warning: Obsolete setting in
/etc/opt/dovecot/dovecot/dovecot.conf:86: mail_drop_priv_before_exec
has been replaced by service { drop_priv_before_exec }
doveconf: Fatal: Error in configuration file
/etc/opt/dovecot/dovecot/dovecot.conf line 86: Unknown setting:
drop_priv_before_exec




And disable_plaintext_auth = no seems to not work in beta6.


Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Frank Elsner
On Thu, 1 Jul 2010 04:31:55 +0900 秋元 亮二 wrote:
 
 Thank you for the responses.
 
 Do I need some settings for auth_advertise_hosts or ACL in Exim configuration 
 and need ports other than 25th (SMTP)?

Of course you should define to which hosts you advertise SMTP AUTH.
And within your ACLs you should allow AUTH only for SSL/TLS connections.

For example:

| hostlist   relay_hosts = 127.0.0.0/8 : 192.168.28.0/24
| auth_advertise_hosts   = !+relay_hosts
| ..
| acl_smtp_auth          = check_auth
| acl_smtp_connect       = check_connect
| ..
| check_auth:
|   accept  hosts     = +relay_hosts
|   accept  encrypted = *
|   deny    message   = SSL/TLS encryption required for SMTP AUTH
| 
| check_connect:
|   warn    hosts   = +relay_hosts
|           control = allow_auth_unadvertised


--Frank Elsner
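
A way to confirm that an ACL like the one above really refuses AUTH on an unencrypted session, as an added example that is not part of the original message. The function names, the EHLO name `probe.example` and the stand-in server with its replies are constructed for illustration.

```python
import smtplib
import socketserver
import threading


def probe_plaintext_auth(host, port=25, timeout=10):
    """Request AUTH on an unencrypted SMTP session without sending credentials."""
    with smtplib.SMTP(host, port, local_hostname="probe.example",  # hypothetical name
                      timeout=timeout) as smtp:
        smtp.ehlo()
        result = {
            "auth_advertised": smtp.has_extn("auth"),
            "starttls_offered": smtp.has_extn("starttls"),
        }
        # Bare "AUTH PLAIN": 334 means the server would read a password in
        # cleartext; 5xx means it refused before any credentials were asked for.
        code, text = smtp.docmd("AUTH", "PLAIN")
        if code == 334:
            smtp.docmd("*")  # cancel the exchange (RFC 4954)
        result["auth_reply"] = (code, text.decode(errors="replace"))
        result["auth_refused"] = code >= 500
        return result


class FakeSMTP(socketserver.StreamRequestHandler):
    """Constructed stand-in server so the probe runs offline."""
    enforce_tls = True

    def handle(self):
        self.wfile.write(b"220 mail.example ESMTP\r\n")
        for line in self.rfile:
            verb = line.split()[0].upper() if line.split() else b""
            if verb == b"EHLO":
                self.wfile.write(b"250-mail.example\r\n250-AUTH PLAIN LOGIN\r\n"
                                 b"250 STARTTLS\r\n")
            elif verb == b"AUTH" and self.enforce_tls:
                self.wfile.write(b"550 SSL/TLS encryption required for SMTP AUTH\r\n")
            elif verb == b"AUTH":
                self.wfile.write(b"334 \r\n")
            elif verb == b"QUIT":
                self.wfile.write(b"221 closing\r\n")
                return
            else:
                self.wfile.write(b"501 cancelled\r\n")


def probe_fake(enforce_tls):
    """Run the probe against the stand-in server on a loopback port."""
    handler = type("Handler", (FakeSMTP,), {"enforce_tls": enforce_tls})
    with socketserver.TCPServer(("127.0.0.1", 0), handler) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return probe_plaintext_auth("127.0.0.1", server.server_address[1])
        finally:
            server.shutdown()


if __name__ == "__main__":
    print("TLS enforced:", probe_fake(True))
    print("not enforced:", probe_fake(False))
```

Against a real server, run `probe_plaintext_auth` from a host outside `relay_hosts`, since those hosts are accepted without encryption. AUTH can still show as advertised there, because `auth_advertise_hosts` in that configuration does not depend on TLS; the refusal comes from `acl_smtp_auth`.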


Re: [Dovecot] dovecot 2.0.beta6 dies when I try to delete a folder with thunderbird

2010-06-30 Thread Timo Sirainen
On Wed, 2010-06-30 at 21:57 +0200, Sven Kirmess wrote:
 $ openssl s_client -connect localhost:993 -crlf
 
 
 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
 SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
 IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE
 QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS]
 Logged in
 b list Trash *
 * LIST (\HasNoChildren) / Trash
 b OK List completed.
 c list test2 *
 * LIST (\HasNoChildren) / test2
 c OK List completed.
 d rename test2 Trash/test2
 closed

Works with me.

 I get this message in syslog:
 
 core not dumped - set drop_priv_before_exec=yes
 
 And when I set drop_priv_before_exec=yes in dovecot.conf I get this:
 
 doveconf: Fatal: Error in configuration file
 /etc/opt/dovecot/dovecot/dovecot.conf line 86: Unknown setting:
 drop_priv_before_exec

Yeah, it doesn't specify that it should be inside service imap {}
section.

 Following http://dovecot.org/bugreport.html I set
 mail_drop_priv_before_exec=yes in dovecot.conf and get:
 
 doveconf: Warning: Obsolete setting in
 /etc/opt/dovecot/dovecot/dovecot.conf:86: mail_drop_priv_before_exec
 has been replaced by service { drop_priv_before_exec }
 doveconf: Fatal: Error in configuration file
 /etc/opt/dovecot/dovecot/dovecot.conf line 86: Unknown setting:
 drop_priv_before_exec

I don't understand why some people get this error. I haven't been able
to reproduce it.

Anyway, there's an easy way now that you can easily reproduce it:

1. openssl s_client ..
2. login
3. gdb -p `pidof imap`
cont
4. make it crash
5. gdb should now have stopped, and you can give bt command.




Re: [Dovecot] system v. virtual mailboxes, was Re: Thunderbird problem

2010-06-30 Thread Stan Hoeppner
/dev/rob0 put forth on 6/29/2010 3:16 PM:
 On Tue, Jun 29, 2010 at 07:28:52AM -0400, Charles Marcus wrote:
 On 2010-06-28 9:05 PM, Stan Hoeppner wrote:
 I guess this is different with virtual users than with system 
 users?  Are you using virtual or system users Charles?

 Virtual of course... doesn't everyone? ;)

+1 to everything Rob stated.

 Virtual mailboxes have their place, of course, but they're overused,
 especially at small sites. I suppose this might be in part because 
 most HOWTOs are for virtual.

snipped the rest, as hopefully everyone already read the very salient advice

-- 
Stan


Re: [Dovecot] Thunderbird problem

2010-06-30 Thread Stan Hoeppner
Brent Bloxam put forth on 6/29/2010 3:36 PM:

 Thunderbird is a modern threaded application, users are able to perform
 many parallel actions. The IMAP protocol returns data for one action at
 a time, so in order to follow through with the user requests, it
 delegates commands to multiple connections. This may not be apparent
 when dealing with mail folders with few messages that have actions
 completing in a few seconds, but when dealing with large amounts of data
 the need for multiple connections becomes apparent (unless you're a
 patient person ;)

So you're saying that having multiple connections gives TBird more bandwidth
to the server?

-- 
Stan


Re: [Dovecot] system v. virtual mailboxes, was Re: Thunderbird problem

2010-06-30 Thread Charles Marcus
On 2010-06-29 4:16 PM, /dev/rob0 wrote:
 Virtual mailboxes have their place, of course, but they're overused,
 especially at small sites. I suppose this might be in part because 
 most HOWTOs are for virtual.

That's just plain silly. Virtual users are extremely simple to setup, no
need for MySQL unless you have a bunch.

That said, there is nothing wrong with using system users, if those
users also have/need shell access, but if they don't virtual users is
just as easy/legitimate as system users with no shell access.

It's more a matter of the individual's skill level.

-- 

Best regards,

Charles


Re: [Dovecot] system v. virtual mailboxes, was Re: Thunderbird problem

2010-06-30 Thread Stan Hoeppner
Charles Marcus put forth on 6/30/2010 5:11 PM:
 On 2010-06-29 4:16 PM, /dev/rob0 wrote:
 Virtual mailboxes have their place, of course, but they're overused,
 especially at small sites. I suppose this might be in part because 
 most HOWTOs are for virtual.
 
 That's just plain silly. Virtual users are extremely simple to setup, no
 need for MySQL unless you have a bunch.
 
 That said, there is nothing wrong with using system users, if those
 users also have/need shell access, but if they don't virtual users is
 just as easy/legitimate as system users with no shell access.
 
 It's more a matter of the individual's skill level.

So exactly what does this say about the skill level of people who have
implemented, and continue to implement, both solutions, Charles?

-- 
Stan