Re: SASL AUTH with postfix
On 2019-11-14 22:57, Jorge Bastos via dovecot wrote: It was in my front and didn't saw it. Now i need to go further, have the SASL auth being read from a diferrent table than the password_query for *sql. https://doc.dovecot.org/configuration_manual/authentication/sql/ In the below conf, would it be possible and how, to check an specific sql table for auth? missguiding, the auth below is just the dovecot socket for dovecot-sasl auth in postfix for sql baackends you need to read above link, are you have solved the realm problem or want to ditt it ? service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 # Assuming the default Postfix user and group user = postfix group = postfix } }
Re: SASL AUTH with postfix
On 2019-11-14 15:41, Benny Pedersen via dovecot wrote: Jorge Bastos via dovecot skrev den 2019-11-14 16:25: I've tried to search for the realm part in dovecot but didn't found it, Could you guide me to it? doveconf -d | grep realm doveconf -n if more help is needed Thanks Benny, It was in my front and didn't saw it. Now i need to go further, have the SASL auth being read from a diferrent table than the password_query for *sql. In the below conf, would it be possible and how, to check an specific sql table for auth? service auth { # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 # Assuming the default Postfix user and group user = postfix group = postfix } }
Re: SASL AUTH with postfix
Jorge Bastos via dovecot skrev den 2019-11-14 16:25: I've tried to search for the realm part in dovecot but didn't found it, Could you guide me to it? doveconf -d | grep realm doveconf -n if more help is needed
RE: SASL AUTH with postfix
Hi Benny, I've tried to search for the realm part in dovecot but didn't found it, Could you guide me to it? -Original Message- From: dovecot On Behalf Of Benny Pedersen via dovecot Sent: 13 de novembro de 2019 23:33 To: dovecot@dovecot.org Subject: Re: SASL AUTH with postfix Jorge Bastos via dovecot skrev den 2019-11-13 23:53: > Jorge Bastos via dovecot skrev den 2019-11-13 22:00: > plus: > smtpd_sasl_local_domain = fastmail > > but the user that i have in the table, that worked with Cyrus, in the > format: "username@fastmail", it's not working with dovecot if that fails dovecot have no password for that non fqdn mail solution dont add this to postfix in dovecot is realm setup ?
Re: SASL AUTH with postfix
Jorge Bastos via dovecot skrev den 2019-11-13 23:53: Jorge Bastos via dovecot skrev den 2019-11-13 22:00: plus: smtpd_sasl_local_domain = fastmail but the user that i have in the table, that worked with Cyrus, in the format: "username@fastmail", it's not working with dovecot if that fails dovecot have no password for that non fqdn mail solution dont add this to postfix in dovecot is realm setup ?
RE: SASL AUTH with postfix
Jorge Bastos via dovecot skrev den 2019-11-13 22:00: > How can i have the same with dovecot SASL? > Thanks in advanced, https://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Hi benny, Thanks, That's exactly what i have in postfix: smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes plus: smtpd_sasl_local_domain = fastmail but the user that i have in the table, that worked with Cyrus, in the format: "username@fastmail", it's not working with dovecot meanwhile i was thinking, the auth is beeing made into the main table... i just figured it out now! How could i have the auth for dovecot SASL in a different table? I'd like to keep having one sql table for imap/pop3 auth, and another for smtp, This gives me the advantage of blocking only the outgoing emails for the users, in case if a password is caught, which is very handy at least for me as sysadm
Re: SASL AUTH with postfix
Jorge Bastos via dovecot skrev den 2019-11-13 22:00: How can i have the same with dovecot SASL? Thanks in advanced, https://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
SASL AUTH with postfix
Hi, I just moved from Cyrus SASL to Dovecot SASL, with postfix. Works great, and no issue with non-ascii chars, has i had with Cyrus. With Cyrus i was getting the username/passwd via SQL, with this: sql_select: select password from smtp_auth_users where username='%u@%r' and status='true' worked ok for users with email addresses, and i had some special users that were just a name, like "user-1", and i was able to AUTH it. Postfix had: smtpd_sasl_local_domain = fastmail and in the database i had the username in the format: user-1@fastmail and worked ok. How can i have the same with dovecot SASL? Thanks in advanced,
Re: [Dovecot] Problem with sasl auth with postfix...
On Fri, 2009-03-13 at 18:35 -0400, Douglas M. Stanley wrote: > > Oh. I've heard this before! You've set auth_process_size to 64. Why? > > It's too low and causes NSS plugin loading to fail silently and > > return > > "User doesn't exist" error. Wonder if I could detect this somehow.. Done: http://hg.dovecot.org/dovecot-1.1/rev/abef63c0613b It now logs: getpwnam() failed for some reason. Is auth_process_size set to too low? > Huh, how odd...well the reason was it's in a VM with only 128mb total > memory, so I set it lower. Should have known it was something silly like > that that I changed from my original config and didn't think it would > matter! The *_process_size are VSZ limits, not RSS limits. So if you're using an OS which uses address space layout randomization or something else that causes each process to take about 64 MB of VSZ simply at startup, you really shouldn't set the limits very low. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Problem with sasl auth with postfix...
- "Timo Sirainen" wrote: > On Fri, 2009-03-13 at 17:50 -0400, Douglas M. Stanley wrote: > > > > > Mar 13 19:16:30 mailserver dovecot: auth(default): User > doesn't > > > exist: postfix > > > > > > Does your Postfix installation actually work? What user do you > see > > > running the Postfix processes? > > > > Yep, works fine. The user running the postfix processes is postfix: > > > > root 4219 1 0 19:28 ?00:00:00 > /usr/lib/postfix/master > > postfix 4302 4219 0 19:48 ?00:00:00 qmgr -l -t fifo -u > > Oh. I've heard this before! You've set auth_process_size to 64. Why? > It's too low and causes NSS plugin loading to fail silently and > return > "User doesn't exist" error. Wonder if I could detect this somehow.. Huh, how odd...well the reason was it's in a VM with only 128mb total memory, so I set it lower. Should have known it was something silly like that that I changed from my original config and didn't think it would matter! Thanks so much! Doug
Re: [Dovecot] Problem with sasl auth with postfix...
On Fri, 2009-03-13 at 17:50 -0400, Douglas M. Stanley wrote: > > > > Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't > > exist: postfix > > > > Does your Postfix installation actually work? What user do you see > > running the Postfix processes? > > Yep, works fine. The user running the postfix processes is postfix: > > root 4219 1 0 19:28 ?00:00:00 /usr/lib/postfix/master > postfix 4302 4219 0 19:48 ?00:00:00 qmgr -l -t fifo -u Oh. I've heard this before! You've set auth_process_size to 64. Why? It's too low and causes NSS plugin loading to fail silently and return "User doesn't exist" error. Wonder if I could detect this somehow.. signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Problem with sasl auth with postfix...
- "Timo Sirainen" wrote: > On Fri, 2009-03-13 at 16:40 -0400, Douglas M. Stanley wrote: > > Yep, postfix is installed: > > > > mailserver:/etc/postfix# postconf -h mail_owner > > postfix > .. > > > Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't > exist: postfix > > Does your Postfix installation actually work? What user do you see > running the Postfix processes? Yep, works fine. The user running the postfix processes is postfix: root 4219 1 0 19:28 ?00:00:00 /usr/lib/postfix/master postfix 4302 4219 0 19:48 ?00:00:00 qmgr -l -t fifo -u postfix 4319 4219 0 19:49 ?00:00:00 tlsmgr -l -t unix -u -c postfix 4352 4219 0 21:27 ?00:00:00 pickup -l -t fifo -u -c Thanks, Doug
Re: [Dovecot] Problem with sasl auth with postfix...
On Fri, 2009-03-13 at 16:40 -0400, Douglas M. Stanley wrote: > Yep, postfix is installed: > > mailserver:/etc/postfix# postconf -h mail_owner > postfix .. > > Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't exist: > > postfix Does your Postfix installation actually work? What user do you see running the Postfix processes? signature.asc Description: This is a digitally signed message part
Re: [Dovecot] Problem with sasl auth with postfix...
- "Pascal Volk" wrote: > On 13.03.2009 21:40 Douglas M. Stanley wrote: > > Yep, postfix is installed: > > > > mailserver:/etc/postfix# postconf -h mail_owner > > postfix > > Please don't top post. > > I've got no clue what it may be. Please provide the output from > `dovecot -n`. > Here it is... auth default: mechanisms: plain login digest-md5 cram-md5 user: dovecot-auth debug: yes process_size: 64 passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch socket: type: listen client: path: /var/spool/postfix/private/auth mode: 438 > > Regards, > Pascal > -- > The trapper recommends today: c01dcofe.0907...@localdomain.org Thanks, Doug
Re: [Dovecot] Problem with sasl auth with postfix...
On 13.03.2009 21:40 Douglas M. Stanley wrote: > Yep, postfix is installed: > > mailserver:/etc/postfix# postconf -h mail_owner > postfix Please don't top post. I've got no clue what it may be. Please provide the output from `dovecot -n`. Regards, Pascal -- The trapper recommends today: c01dcofe.0907...@localdomain.org
Re: [Dovecot] Problem with sasl auth with postfix...
Yep, postfix is installed: mailserver:/etc/postfix# postconf -h mail_owner postfix Thanks, Doug - Original Message - From: "Pascal Volk" To: "Douglas M. Stanley" Cc: "Dovecot Mailing List" Sent: Friday, March 13, 2009 4:37:07 PM GMT -05:00 US/Canada Eastern Subject: Re: [Dovecot] Problem with sasl auth with postfix... On 13.03.2009 21:01 Douglas M. Stanley wrote: > Hello list, > > I'm running into some problems, and I couldn't find any info about this > anywhere on the net. > > I recently set up a new debian lenny machine, and used my notes from the last > debian etch > machine I set up, which basically is for postfix + dovecot for sasl auth. > > On my old etch box, in the dovecot.conf, in the auth default section, I have a > socket listen { > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > > However, if I use the same config on my lenny setup, dovecot fails to start, > and I see this > in my logs: > > Mar 13 19:16:30 mailserver dovecot: Dovecot v1.0.15 starting up > Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't exist: postfix > Mar 13 19:16:30 mailserver dovecot: Auth process died too early - shutting > down > Mar 13 19:16:30 mailserver dovecot: child 4623 (auth) returned error 89 > > Now if I comment out the user and group lines, it works fine, but the socket > is > owned by root, and so I have to change the mode line so that it's world > readable > in order for postfix to use it. > > The version of dovecot in etch is: 1.0.rc15-2etch4 > and the version in lenny is: 1.0.15-2.3 > > Any ideas why this might be happening? Did the syntax to do this change > between those > versions? Any input? I guess I don't mind leaving it world readable, but I > wasted an > entire morning trying everything to get it to work, so I guess I'm hoping > some one > atleast has an answer as to why it doesn't work. Is Postfix installed on this system? If so, what shows the command postconf -h mail_owner Regards, Pascal -- The trapper recommends today: c01dcofe.0907...@localdomain.org
Re: [Dovecot] Problem with sasl auth with postfix...
On 13.03.2009 21:01 Douglas M. Stanley wrote: > Hello list, > > I'm running into some problems, and I couldn't find any info about this > anywhere on the net. > > I recently set up a new debian lenny machine, and used my notes from the last > debian etch > machine I set up, which basically is for postfix + dovecot for sasl auth. > > On my old etch box, in the dovecot.conf, in the auth default section, I have a > socket listen { > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > > However, if I use the same config on my lenny setup, dovecot fails to start, > and I see this > in my logs: > > Mar 13 19:16:30 mailserver dovecot: Dovecot v1.0.15 starting up > Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't exist: postfix > Mar 13 19:16:30 mailserver dovecot: Auth process died too early - shutting > down > Mar 13 19:16:30 mailserver dovecot: child 4623 (auth) returned error 89 > > Now if I comment out the user and group lines, it works fine, but the socket > is > owned by root, and so I have to change the mode line so that it's world > readable > in order for postfix to use it. > > The version of dovecot in etch is: 1.0.rc15-2etch4 > and the version in lenny is: 1.0.15-2.3 > > Any ideas why this might be happening? Did the syntax to do this change > between those > versions? Any input? I guess I don't mind leaving it world readable, but I > wasted an > entire morning trying everything to get it to work, so I guess I'm hoping > some one > atleast has an answer as to why it doesn't work. Is Postfix installed on this system? If so, what shows the command postconf -h mail_owner Regards, Pascal -- The trapper recommends today: c01dcofe.0907...@localdomain.org
[Dovecot] Problem with sasl auth with postfix...
Hello list, I'm running into some problems, and I couldn't find any info about this anywhere on the net. I recently set up a new debian lenny machine, and used my notes from the last debian etch machine I set up, which basically is for postfix + dovecot for sasl auth. On my old etch box, in the dovecot.conf, in the auth default section, I have a socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } However, if I use the same config on my lenny setup, dovecot fails to start, and I see this in my logs: Mar 13 19:16:30 mailserver dovecot: Dovecot v1.0.15 starting up Mar 13 19:16:30 mailserver dovecot: auth(default): User doesn't exist: postfix Mar 13 19:16:30 mailserver dovecot: Auth process died too early - shutting down Mar 13 19:16:30 mailserver dovecot: child 4623 (auth) returned error 89 Now if I comment out the user and group lines, it works fine, but the socket is owned by root, and so I have to change the mode line so that it's world readable in order for postfix to use it. The version of dovecot in etch is: 1.0.rc15-2etch4 and the version in lenny is: 1.0.15-2.3 Any ideas why this might be happening? Did the syntax to do this change between those versions? Any input? I guess I don't mind leaving it world readable, but I wasted an entire morning trying everything to get it to work, so I guess I'm hoping some one atleast has an answer as to why it doesn't work. Thanks, Doug