Re: requiring a full fqdn for authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 6 Mar 2018, David Mehler wrote: Thanks. Can you elaborate? post your sql config of Dovecot. On 3/6/18, Steffen Kaiserwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Mar 2018, David Mehler wrote: dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. your SQL query in passdb allows both usernames. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== =lhft -END PGP SIGNATURE- - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp+YQsQnQQNheMxiAQJTmwf9GMcFCQT0wZmBjJom7Ni3UHTz0eHyYEHS aCQ0aJ0VFz7WRxuHjlyfCaTkcwtMNQ3chos/wcLpNZ6gsSb4LIMLTXFkO6ibioWS f1IUVlcQ1EefekyZh/AC8DvH3pw+mejLsG7eUzUwNerbQ7bhh49q2lDZNjaBVlPu O48t8HV4Jt2X84GTo8vNkNmTc0PCs0ul+Y2Hg9H7WjTl8HMGH+YR/P1cTC6yk8dU JfQ1jhvBpdvXG8lccSehHrpJ7f76yuB9i7QUDVHy+193ECwkFHOfhFVwsm54Edpb nPJrygwyciDz57ItMABbDsaek66tZyVmUNEnLyaeKbkCw1XH3B7tuw== =3UkM -END PGP SIGNATURE-
Re: requiring a full fqdn for authentication
You need to match against both %n (username) and %d (domain) in your SQL query. Good luck! Reio On 06.03.18 16:42, David Mehler wrote: Hi, Thanks. Can you elaborate? Thanks. Dave. On 3/6/18, Steffen Kaiserwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Mar 2018, David Mehler wrote: dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. your SQL query in passdb allows both usernames. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== =lhft -END PGP SIGNATURE- -- Tervitades Reio Remma MR Stuudio 25 aastat *MR Stuudio OÜ* Tondi 17b, 11316, Tallinn Tel +372 650 4808 Mob +372 56 22 00 33 r...@mrstuudio.ee www.mrstuudio.ee
Re: requiring a full fqdn for authentication
Hi, Thanks. Can you elaborate? Thanks. Dave. On 3/6/18, Steffen Kaiserwrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Fri, 2 Mar 2018, David Mehler wrote: > >> dovecot to require a complete email address as a login. Currently I >> can log in by either a username or fqdn. I've got the below what is >> the issue? > >> If I need to provide my sql password query let me know. > > your SQL query in passdb allows both usernames. > > > - -- > Steffen Kaiser > -BEGIN PGP SIGNATURE- > Version: GnuPG v1 > > iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI > seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh > pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 > MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP > q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq > IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== > =lhft > -END PGP SIGNATURE- >
Re: requiring a full fqdn for authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 2 Mar 2018, David Mehler wrote: dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. your SQL query in passdb allows both usernames. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWp6JisQnQQNheMxiAQKuuggAjNcedq1DVGWbe/3vpKHUHdgBJVzmmEsI seSm/NFfR6/Fw8c4fCz0BAiIBUkmo7LEowFFo6M9Yf+ZJHP1IDt6N7gWTgral2Vh pMrNn+mv9okzL2UvJzUlkCA4ntBJVG3BrG9ZUJfk/1f8IKS090nNpu4F79Ag0TG2 MiobX5XtIRvpwSTCteVzQaIanpNhmW/BSvA2smPcdt58AmVI6HUslxcsv9A1XZLP q47pYucUTyPdsNcK4OrzitRH2+0HNTw70kClP/dfUWEvL4ssw3drCXhO7LjN+Crq IpdfHp0k7bkfIv/e5Lfg4ZZs4uV5obEyqaa+UP0IUTLrEau1syZd9Q== =lhft -END PGP SIGNATURE-
requiring a full fqdn for authentication
Hello, I'm using dovecot to do postfix authentication. I'm trying to get dovecot to require a complete email address as a login. Currently I can log in by either a username or fqdn. I've got the below what is the issue? If I need to provide my sql password query let me know. Thanks. Dave. doveconf -n # 2.2.34 (874deae): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: FreeBSD 11.1-RELEASE-p4 amd64 # Hostname: localhost auth_cache_size = 10 M auth_default_realm = example.com auth_realms = example.com example2.com dict { acl = mysql:/usr/local/etc/dovecot/shared-folders.conf sqlquota = mysql:/usr/local/etc/dovecot/quota.conf } first_valid_gid = 999 first_valid_uid = 999 hostname = mail.example.com imap_idle_notify_interval = 10 mins last_valid_gid = 999 last_valid_uid = 999 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To listen = 127.0.0.1 xxx.xxx.xxx.xxx lmtp_rcpt_check_quota = yes mail_access_groups = vmail mail_fsync = never mail_gid = vmail mail_home = /home/vmail/mailboxes/%d/%n mail_location = maildir:~/mail:LAYOUT=fs mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib mail_privileged_group = vmail mail_server_admin = mailto:postmas...@example.com mail_uid = vmail mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify imapsieve vnd.dovecot.imapsieve namespace { list = children location = maildir:/home/vmail/public:LAYOUT=fs:INDEXPVT=~/mail/public mailbox TestFolder { auto = subscribe comment = Public Folder for message sharing } prefix = public/ separator = / subscriptions = no type = public } namespace { list = children location = maildir:%%h/Maildir:INDEXPVT=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Archive { auto = no special_use = \Archive } mailbox Archives { auto = subscribe special_use = \Archive } mailbox "Deleted Messages" { auto = no autoexpunge = 30 days special_use = \Trash } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = no autoexpunge = 30 days special_use = \Junk } mailbox "Junk E-mail" { auto = no autoexpunge = 30 days special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Items" { auto = no special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = subscribe autoexpunge = 30 days special_use = \Junk } mailbox Trash { auto = subscribe autoexpunge = 30 days special_use = \Trash } mailbox virtual/All { comment = All my messages special_use = \All } prefix = separator = / type = private } namespace virtual { location = virtual:/usr/local/etc/dovecot/virtual:INDEX=~/virtual:CONTROL=~/virtual prefix = virtual/ separator = / } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300 acl_anyone = allow acl_globals_only = yes acl_shared_dict = proxy::acl fts = solr fts_autoindex = yes fts_solr = url=http://127.0.0.1:8983/solr/dovecot/ imapsieve_mailbox1_before = file:/home/vmail/sieve/global/learn-spam.sieve imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_name = Spam imapsieve_mailbox2_before = file:/home/vmail/sieve/global/learn-ham.sieve imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_from = Spam imapsieve_mailbox2_name = * last_login_dict = proxy::lastlogin last_login_key = last-login/%u mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = count:User quota quota_clone_dict = proxy::sqlquota quota_exceeded_message = Storage quota for this account has been exceeded, please try again later. quota_grace = 10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = true quota_warning = storage=100%% quota-exceeded 100 %u quota_warning2 = storage=95%% quota-warning 95 %u quota_warning3 = storage=90%% quota-warning 90 %u quota_warning4 = storage=85%% quota-warning 85 %u quota_warning5 = storage=75%% quota-warning 75 %u sieve = ~/.dovecot.sieve sieve_before = /home/vmail/sieve/before.d sieve_default = /home/vmail/sieve/default.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags sieve_global_dir = /home/vmail/sieve sieve_global_extensions =