Re: [Dovecot] Wrong remote IP (rip) in mail.log using IMAP login
Hi, Thanks for the response. I got it working with web mail logs. Thanks again. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Wrong-remote-IP-rip-in-mail-log-using-IMAP-login-tp35176p43550.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] Wrong remote IP (rip) in mail.log using IMAP login
Hi, I am also facing the same problem. When dovecot is accessed through a web mail, the rip is logged as 127.0.0.1 (localhost). /Aug 1 16:28:04 mailspace dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=suja, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=XllGt+DiPQB/AAAB/ So I am also unable to configure fail2ban with dovecot. Is there a way we can log the actual remote IP ? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/Wrong-remote-IP-rip-in-mail-log-using-IMAP-login-tp35176p43548.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] Who all accessed my dovecot server?
Hi, I have set up a mail server with dovecot as IMAP/POP3 server, postfix as MTA and roundcube as web mail client. Other mail clients such as Thunderbird is also being used for mail access. Now as a security policy in our organization, I want to know the IP addresses of the machines from which my mail server was accessed. Is there any monitoring tools to get these details? Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/Who-all-accessed-my-dovecot-server-tp43102.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] quota with imapc
Dear dovecot team,
I have set up my mail system with a mail gateway connecting to mail server
using imapc.
Now I need my web mail client to show up the quota info.
I enabled quota plugins in dovecot.conf.
The problem is since all mails reside in the server, the web mail which is
in mail gateway always shows the quota as 0.
Is there any way the plugin will get quota info from the mail server?
I am attaching my conf
## Dovecot configuration file in
mail_uid = imapproxy
mail_gid = imapproxy
mail_home = /home/imapproxy/%u
mail_location = imapc:~/imapc
protocols = imap
##
## imapc settings
##
imapc_host = mailserver.example.com
imapc_port = 143
imapc_ssl = starttls
imapc_ssl_ca_dir = /etc/postfix/certs
##
## auth settings
##
auth_mechanisms = plain login
passdb {
driver = imap
args = host=mailserver.example.com ssl=starttls
ssl_ca_dir=/etc/postfix/certs
default_fields = userdb_imapc_user=%u userdb_imapc_password=%w
ssl=starttls
}
userdb {
driver = prefetch
}
mail_plugins = $mail_plugins quota
plugin {
quota = maildir:User quota
quota_rule = *:storage=200M
}
protocol imap {
# Space separated list of plugins to load (default is global
mail_plugins).
mail_plugins = $mail_plugins imap_quota
}
##
## SSL settings
##
ssl = required
disable_plaintext_auth = yes
#verbose_ssl = yes
ssl_cert = /etc/postfix/certs/public_cert.pem
ssl_key = /etc/postfix/certs/private_key.pem
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
Greetings.
--
View this message in context:
http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280.html
Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] quota with imapc
Ok... Thanks for the response. Waiting to see it soon :) -- View this message in context: http://dovecot.2317879.n4.nabble.com/quota-with-imapc-tp42280p42285.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] IMAP monitoring
Dear Sir, I want to get some statistics of dovecot IMAP server like the number of current IMAP connections, who is logged in to the Dovecot server, bandwidth usage. Is there any utility which does this sort of full monitoring? I tried doveadm who to get the details of logged in users. but its not returning any output even though i am logged in to the server. Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/IMAP-monitoring-tp41723.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Thanks a lot! I got it done with imapc_ssl and imapc_ssl_ca_dir settings. I was not aware of those settings. Thanks a bunch! On Wed, Mar 20, 2013 at 10:58 PM, Timo Sirainen [via Dovecot] ml-node+s2317879n40933...@n4.nabble.com wrote: On 8.3.2013, at 8.08, pvsuja [hidden email]http://user/SendEmail.jtp?type=nodenode=40933i=0 wrote: Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? imapc_ssl = starttls See also other related settings in http://wiki2.dovecot.org/Migration/Dsync I guess imapc should have its own wiki page some day. -- If you reply to this email, your message will be added to the discussion below: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40933.html To unsubscribe from dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB, click herehttp://dovecot.2317879.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_codenode=40684code=cHZzdWphQGdtYWlsLmNvbXw0MDY4NHwtNzgyNTk5NDQ0 . NAMLhttp://dovecot.2317879.n4.nabble.com/template/NamlServlet.jtp?macro=macro_viewerid=instant_html%21nabble%3Aemail.namlbase=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespacebreadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40973.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I got it working with the configuration i sent in last mail (without ssl_ca setting) And i had to give the hostname in place of ip address of server since the ssl certificates were having the host name. Thanks to all of you for your time and support.. Thanks a bunch -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40900.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Yes,
proxy log says that its over TLS.
but the server is receiving username and password in plain text. I verified
it in wireshark.
I am using squirrelmail web client n had configured it for STARTTLS.
*My dovecot settings for Server:*
suja@mailserver:/etc/dovecot# dovecot -n
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3
log_timestamp: %Y-%m-%d %H:%M:%S
ssl: required
ssl_cert_file: /etc/postfix/certs/public_cert.pem
ssl_key_file: /etc/postfix/certs/private_key.pem
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_location: maildir:/email/%n:INBOX=/email/%n/INBOX
mbox_write_locks: fcntl dotlock
auth default:
mechanisms: plain login
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.conf
userdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap-userdb.conf
*My dovecot settings for Proxy:*
suja@mailproxy:/usr/local/etc/dovecot# dovecot -n
# 2.1.15: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS
auth_mechanisms = plain login
imapc_host = 10.131.1.16
mail_gid = imapproxy
mail_home = /home/imapproxy/%u
mail_location = imapc:~/imapc
mail_uid = imapproxy
passdb {
args = host=10.131.1.16
default_fields = userdb_imapc_user=%u userdb_imapc_password=%w
driver = imap
}
protocols = imap
service auth {
inet_listener {
port = 12345
}
}
ssl = required
ssl_ca = /usr/lib/ssl/misc/demoCA/cacert.pem
ssl_cert = /usr/lib/ssl/misc/public_cert.pem
ssl_key = /usr/lib/ssl/misc/private_key.pem
userdb {
driver = prefetch
}
Thanks regards,
Suja
--
View this message in context:
http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40862.html
Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I am using imap passwd driver for proxy and ldap for server.
proxy will contact mail server for authentication which in turn will contact
ldap server.
the server auth with ldap is already tested and its working fine.
now i guess i got the auth working properly; but not the mail retrieval
through imapc from the logs:
Mar 19 09:33:16 mailspace dovecot: imap-login: Debug: SSL: where=0x2002,
ret=1: SSL negotiation finished successfully [127.0.0.1]
Mar 19 09:33:16 mailspace dovecot: imap-login: Login: user=suja,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=26029, TLS,
session=P5ZiLz/YsQB/AAAB
Mar 19 09:33:16 mailspace dovecot: imap(suja): Invalid certificate: self
signed certificate in certificate chain: /C=IN/ST=Karnataka/O=xxx/OU=YYY
CA/CN=mailserver.domain.com/emailAddress=sys...@domain.com
Mar 19 09:33:16 mailspace dovecot: imap(suja): Error:
imapc(10.131.1.16:143): Received invalid SSL certificate
Mar 19 09:33:16 mailspace dovecot: imap(suja): Error:
imapc(10.131.1.16:143): Authentication failed: Disconnected from server
Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc: Command failed:
Disconnected from server
Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: user suja:
Initialization failed: Initializing mail storage from mail_location setting
failed: imapc: LIST failed: Internal error occurred. Refer to server log for
more information. [2013-03-19 09:33:16]
Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: Invalid user settings.
Refer to server log for more information.
Mar 19 09:33:16 mailspace dovecot: imap-login: Warning: SSL alert:
where=0x4008, ret=256: warning close notify [127.0.0.1]
with the following dovecot conf:
root@mailspace:/usr/local/etc/dovecot# dovecot -n
# 2.1.15: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS
auth_mechanisms = plain login
imapc_host = 10.131.1.16
imapc_ssl = starttls
imapc_ssl_ca_dir = /usr/local/etc/dovecot/certs
mail_gid = imapproxy
mail_home = /home/imapproxy/%u
mail_location = imapc:~/imapc
mail_uid = imapproxy
passdb {
args = host=10.131.1.16 ssl=starttls
ssl_ca_dir=/usr/local/etc/dovecot/certs
default_fields = userdb_imapc_user=%u userdb_imapc_password=%w
ssl=starttls
driver = imap
}
protocols = imap
service auth {
inet_listener {
port = 12345
}
}
ssl = required
ssl_ca = /usr/local/etc/dovecot/certs/cacert.pem
ssl_cert = /usr/local/etc/dovecot/certs/public_cert.pem
ssl_key = /usr/local/etc/dovecot/certs/private_key.pem
userdb {
driver = prefetch
}
verbose_ssl = yes
I guess my SSL certificate configuration is not done properly.
--
View this message in context:
http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40888.html
Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Hi Jan, Thanks for your response and Sorry for this late reply. I was out of station. And my question is why my mail client is sending the auth details in plain text? how will i make sure, auth is done after starttls only? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40763.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Yes, I know that. When I am telnetting to my ImapcProxy over 143, the capabilities are listed .. STARTTLS AUTH=PLAIN AUTH=LOGIN . I need the AUTH capability to be enabled only after STARTTLS I have done this in Postfix. Is there a way to do it in Dovecot? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40689.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB
Hi, I have set up ImapcProxy based on the wiki2 page. My server is set up for no plain text auth without starttls. When I am trying to login in the proxy server, I am getting an error Unknown username/password. The log says: *dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB* The server log: *dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y* Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Line #12 is ssl_cert = /etc/ssl/certs/dovecot.pem doveconf -n gives the error: lt;bdoveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* ./sbin/dovecot --build-options gives: *Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 Mail storages: shared mdbox sdbox maildir mbox cydir imapc_stub pop3c_stub raw SQL drivers: Passdb: checkpassword passwd passwd-file shadow Userdb: checkpassword nss passwd prefetch passwd-file * Note: I have not changed any settings. Simply copied from example_config and tried doveconf and getting this error. -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40640.html Sent from the Dovecot mailing list archive at Nabble.com.
Re: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
I installed the stable version 2.1 and its working fine. Now there is a separate issue. I have set up my mail server to disable all plaintext auth. Now when i am trying to login with the imapcproxy, its giving error Unknown user/password The log says: In proxy: /mailproxy dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=xxx, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=1pBG/03XogB/AAAB / In server: /mailserver dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y/ Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40664.html Sent from the Dovecot mailing list archive at Nabble.com.
[Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze
Dear sir, I have to set up a mail gateway which will be explored to Internet and a secure mail server in the Intranet. I need a smart imap proxy in the mail gateway which will fetch the mail from server and present to user through either a stand alone mail client or a web mail client. All authentication is through ldap server. I have installed Dovecot 2.2 Unstable in my Ubuntu 12.04 with ssl enabled But when I am starting dovecot, I am getting the following error *doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* I couldn't figure out what is wrong. Please help me to sort it out. Thanks Regards, Suja PV LEOS -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634.html Sent from the Dovecot mailing list archive at Nabble.com.
