Hi Christian,
Thanks for clarifying. I had come to this conclusion and also found a
way to get Dovecot to accept the connection without a password, but
thought there may be a better option, unfortunately not.
It would also appear that this leaves ActiveSync wide open to accept any
password, so I presume this means that it is relying on the backend for
authentication and there is no login process within SOGo itself?
Assuming this is the case, the only solution would then be to run two
instances, one for webmail and a second for ActiveSync.
Regards,
James
On 16/10/2017 08:44, Christian Mack ([email protected]) wrote:
Am 15.10.2017 um 13:34 schrieb James MCCOY ([email protected]):
Hello all,
I'm implementing 2FA to strengthen my SOGo security using this great
project - https://github.com/clems4ever/authelia
Following
https://sogo.nu/nc/support/faq/article/how-to-use-webauth-with-sogo-2.html
login is working and the user gets passed into SOGo webmail with access
to contacts and calendar, however no emails show as the IMAP login fails
as no password is passed, however no password is available as the
authentication has been handled before reaching SOGo.
The SOGo logs shows;
Oct 15 12:03:36 sogod [7]: [ERROR]
<0x0x56494a8b8b30[NGImap4ConnectionManager]> IMAP4 login failed:
host=10.10.1.101, [email protected], pwd=no
url=imaps://user%[email protected]/?tls=YES
base=(null)
base-class=(null))
= <0x0x56494a9ffba0[NGImap4Client]: [email protected](pwd)
socket=<NGActiveSSLSocket[0x0x56494acc7130]: mode=rw address=(null)>>
Oct 15 12:03:36 sogod [7]: <0x56494aba22f0[SOGoMailAccount]:0> renewing
imap4 password
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0>
no IMAP4 password available
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0>
Could not connect IMAP4
And in the mail.log
Oct 15 12:07:29 mailserver dovecot: imap-login: Disconnected (auth
failed, 1 attempts in 2 secs): user=<[email protected]
<mailto:[email protected]>>, method=PLAIN, rip=10.10.1.105,
lip=10.10.1.101, TLS: Disconnected, session=<qFww5ZNbUgAKCgFp>
Oct 15 12:07:32 mailserver dovecot: imap([email protected]
<mailto:[email protected]>): Disconnected: Logged out in=24114 out=752986
Any suggestions to resolve this please? I've discovered one option which
was dismissed by SOGo of implementing the master password, but
presumably someone must be making use of the webauth feature!!
You have to tell your IMAP server and SMTP server to accept connections
from your SOGo server without authentication then.
That is the known draw back of SOGoTrustProxyAuthentication = YES;.
Kind regards,
Christian Mack
--
[email protected]
https://inverse.ca/sogo/lists
