Re: [Dovecot] Wrong remote IP (rip) in mail.log using IMAP login
Hi, Thanks for the response. I got it working with web mail logs. Thanks again. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Wrong-remote-IP-rip-in-mail-log-using-IMAP-login-tp35176p43550.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] Wrong remote IP (rip) in mail.log using IMAP login
Hi, I am also facing the same problem. When dovecot is accessed through a web mail, the rip is logged as 127.0.0.1 (localhost). /Aug 1 16:28:04 mailspace dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=suja, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=XllGt+DiPQB/AAAB/ So I am also unable to configure fail2ban with dovecot. Is there a way we can log the actual remote IP ? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/Wrong-remote-IP-rip-in-mail-log-using-IMAP-login-tp35176p43548.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] Who all accessed my dovecot server?
Hi, I have set up a mail server with dovecot as IMAP/POP3 server, postfix as MTA and roundcube as web mail client. Other mail clients such as Thunderbird is also being used for mail access. Now as a security policy in our organization, I want to know the IP addresses of the machines from which my mail server was accessed. Is there any monitoring tools to get these details? Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/Who-all-accessed-my-dovecot-server-tp43102.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] quota with imapc
Dear dovecot team, I have set up my mail system with a mail gateway connecting to mail server using imapc. Now I need my web mail client to show up the quota info. I enabled quota plugins in dovecot.conf. The problem is since all mails reside in the server, the web mail which is in mail gateway always shows the quota as 0. Is there any way the plugin will get quota info from the mail server? I am attaching my conf ## Dovecot configuration file in mail_uid = imapproxy mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc protocols = imap ## ## imapc settings ## imapc_host = mailserver.example.com imapc_port = 143 imapc_ssl = starttls imapc_ssl_ca_dir = /etc/postfix/certs ## ## auth settings ## auth_mechanisms = plain login passdb { driver = imap args = host=mailserver.example.com ssl=starttls ssl_ca_dir=/etc/postfix/certs default_fields = userdb_imapc_user=%u userdb_imapc_password=%w ssl=starttls } userdb { driver = prefetch } mail_plugins = $mail_plugins quota plugin { quota = maildir:User quota quota_rule = *:storage=200M } protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_quota } ## ## SSL settings ## ssl = required disable_plaintext_auth = yes #verbose_ssl = yes ssl_cert = /etc/postfix/certs/public_cert.pem ssl_key = /etc/postfix/certs/private_key.pem ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL Greetings. -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] quota with imapc
Ok... Thanks for the response. Waiting to see it soon :) -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280p42285.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] IMAP monitoring
Dear Sir, I want to get some statistics of dovecot IMAP server like the number of current IMAP connections, who is logged in to the Dovecot server, bandwidth usage. Is there any utility which does this sort of full monitoring? I tried doveadm who to get the details of logged in users. but its not returning any output even though i am logged in to the server. Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/IMAP-monitoring-tp41723.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Thanks a lot! I got it done with imapc_ssl and imapc_ssl_ca_dir settings. I was not aware of those settings. Thanks a bunch! On Wed, Mar 20, 2013 at 10:58 PM, Timo Sirainen [via Dovecot] ml-node+s2317879n40933...@n4.nabble.com wrote: On 8.3.2013, at 8.08, pvsuja [hidden email]http://user/SendEmail.jtp?type=nodenode=40933i=0 wrote: Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? imapc_ssl = starttls See also other related settings in http://wiki2.dovecot.org/Migration/Dsync I guess imapc should have its own wiki page some day. -- If you reply to this email, your message will be added to the discussion below: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40933.html To unsubscribe from dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB, click herehttp://dovecot.2317879.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=40684code=cHZzdWphQGdtYWlsLmNvbXw0MDY4NHwtNzgyNTk5NDQ0 . NAMLhttp://dovecot.2317879.n4.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespacebreadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40973.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I got it working with the configuration i sent in last mail (without ssl_ca setting) And i had to give the hostname in place of ip address of server since the ssl certificates were having the host name. Thanks to all of you for your time and support.. Thanks a bunch -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40900.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Yes, proxy log says that its over TLS. but the server is receiving username and password in plain text. I verified it in wireshark. I am using squirrelmail web client n had configured it for STARTTLS. *My dovecot settings for Server:* suja@mailserver:/etc/dovecot# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 log_timestamp: %Y-%m-%d %H:%M:%S ssl: required ssl_cert_file: /etc/postfix/certs/public_cert.pem ssl_key_file: /etc/postfix/certs/private_key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:/email/%n:INBOX=/email/%n/INBOX mbox_write_locks: fcntl dotlock auth default: mechanisms: plain login passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot/dovecot-ldap-userdb.conf *My dovecot settings for Proxy:* suja@mailproxy:/usr/local/etc/dovecot# dovecot -n # 2.1.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS auth_mechanisms = plain login imapc_host = 10.131.1.16 mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc mail_uid = imapproxy passdb { args = host=10.131.1.16 default_fields = userdb_imapc_user=%u userdb_imapc_password=%w driver = imap } protocols = imap service auth { inet_listener { port = 12345 } } ssl = required ssl_ca = /usr/lib/ssl/misc/demoCA/cacert.pem ssl_cert = /usr/lib/ssl/misc/public_cert.pem ssl_key = /usr/lib/ssl/misc/private_key.pem userdb { driver = prefetch } Thanks regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40862.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I am using imap passwd driver for proxy and ldap for server. proxy will contact mail server for authentication which in turn will contact ldap server. the server auth with ldap is already tested and its working fine. now i guess i got the auth working properly; but not the mail retrieval through imapc from the logs: Mar 19 09:33:16 mailspace dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] Mar 19 09:33:16 mailspace dovecot: imap-login: Login: user=suja, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=26029, TLS, session=P5ZiLz/YsQB/AAAB Mar 19 09:33:16 mailspace dovecot: imap(suja): Invalid certificate: self signed certificate in certificate chain: /C=IN/ST=Karnataka/O=xxx/OU=YYY CA/CN=mailserver.domain.com/emailAddress=sys...@domain.com Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc(10.131.1.16:143): Received invalid SSL certificate Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc(10.131.1.16:143): Authentication failed: Disconnected from server Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc: Command failed: Disconnected from server Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: user suja: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: LIST failed: Internal error occurred. Refer to server log for more information. [2013-03-19 09:33:16] Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: Invalid user settings. Refer to server log for more information. Mar 19 09:33:16 mailspace dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] with the following dovecot conf: root@mailspace:/usr/local/etc/dovecot# dovecot -n # 2.1.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS auth_mechanisms = plain login imapc_host = 10.131.1.16 imapc_ssl = starttls imapc_ssl_ca_dir = /usr/local/etc/dovecot/certs mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc mail_uid = imapproxy passdb { args = host=10.131.1.16 ssl=starttls ssl_ca_dir=/usr/local/etc/dovecot/certs default_fields = userdb_imapc_user=%u userdb_imapc_password=%w ssl=starttls driver = imap } protocols = imap service auth { inet_listener { port = 12345 } } ssl = required ssl_ca = /usr/local/etc/dovecot/certs/cacert.pem ssl_cert = /usr/local/etc/dovecot/certs/public_cert.pem ssl_key = /usr/local/etc/dovecot/certs/private_key.pem userdb { driver = prefetch } verbose_ssl = yes I guess my SSL certificate configuration is not done properly. -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40888.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Hi Jan, Thanks for your response and Sorry for this late reply. I was out of station. And my question is why my mail client is sending the auth details in plain text? how will i make sure, auth is done after starttls only? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40763.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Yes, I know that. When I am telnetting to my ImapcProxy over 143, the capabilities are listed .. STARTTLS AUTH=PLAIN AUTH=LOGIN . I need the AUTH capability to be enabled only after STARTTLS I have done this in Postfix. Is there a way to do it in Dovecot? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40689.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Hi, I have set up ImapcProxy based on the wiki2 page. My server is set up for no plain text auth without starttls. When I am trying to login in the proxy server, I am getting an error Unknown username/password. The log says: *dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB* The server log: *dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y* Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Line #12 is ssl_cert = /etc/ssl/certs/dovecot.pem doveconf -n gives the error: lt;bdoveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* ./sbin/dovecot --build-options gives: *Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 Mail storages: shared mdbox sdbox maildir mbox cydir imapc_stub pop3c_stub raw SQL drivers: Passdb: checkpassword passwd passwd-file shadow Userdb: checkpassword nss passwd prefetch passwd-file * Note: I have not changed any settings. Simply copied from example_config and tried doveconf and getting this error. -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40640.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I installed the stable version 2.1 and its working fine. Now there is a separate issue. I have set up my mail server to disable all plaintext auth. Now when i am trying to login with the imapcproxy, its giving error Unknown user/password The log says: In proxy: /mailproxy dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB / In server: /mailserver dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y/ Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40664.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Dear sir, I have to set up a mail gateway which will be explored to Internet and a secure mail server in the Intranet. I need a smart imap proxy in the mail gateway which will fetch the mail from server and present to user through either a stand alone mail client or a web mail client. All authentication is through ldap server. I have installed Dovecot 2.2 Unstable in my Ubuntu 12.04 with ssl enabled But when I am starting dovecot, I am getting the following error *doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* I couldn't figure out what is wrong. Please help me to sort it out. Thanks Regards, Suja PV LEOS -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634.html Sent from the Dovecot mailing list archive at Nabble.com.