[Dovecot] can't login in pop3 accounts

Sebastian Alduncin Pisanty ebraining at yahoo.com
Mon Jan 31 20:59:48 EET 2005


hi there...
i HAVE practically searched in ALL messages from 2004
year, and haven't any luck with this problem, so I'm
inserting here "dovecot.conf" content: 

## Dovecot 1.0 configuration file

# Default values are shown after each value, it's not
required to uncomment
# any of the lines. Exception to this are paths,
they're just examples
# with real defaults being based on configure options.
The paths listed here
# are for configure --prefix=/usr --sysconfdir=/etc
--localstatedir=/var
# --with-ssldir=/usr/share/ssl

# Base directory where to store runtime data.
base_dir = /var/run/dovecot/

# Protocols we want to be serving:
#  imap imaps pop3 pop3s
protocols = imap pop3

# IP or host address where to listen in for
connections. It's not currently
# possible to specify multiple addresses. "*" listens
in all IPv4 interfaces.
# "[::]" listens in all IPv6 interfaces, but may also
listen in all IPv4
# interfaces depending on the operating system. You
can specify ports with
# "host:port".
imap_listen = *
pop3_listen = *

# IP or host address where to listen in for SSL
connections. Defaults
# to above non-SSL equilevants if not specified.
#imaps_listen = 
#pop3s_listen = 

# Disable SSL/TLS support.
#ssl_disable = no

# PEM encoded X.509 SSL/TLS certificate and private
key. They're opened before
# dropping root privileges, so keep the key file
unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily
generate self-signed
# certificate, just make sure to update the domains in
dovecot-openssl.cnf
#ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
#ssl_key_file = /usr/share/ssl/private/dovecot.pem

# SSL parameter file. Master process generates this
file for login processes.
# It contains Diffie Hellman and RSA parameters.
#ssl_parameters_file =
/var/run/dovecot/ssl-parameters.dat

# How often to regenerate the SSL parameters file.
Generation is quite CPU
# intensive operation. The value is in hours, 0
disables regeneration
# entirely.
#ssl_parameters_regenerate = 0

# Disable LOGIN command and all other plaintext
authentications unless
# SSL/TLS is used (LOGINDISABLED capability)
#disable_plaintext_auth = no

# Use this logfile instead of syslog(). /dev/stderr
can be used if you want to
# use stderr for logging (ONLY /dev/stderr - otherwise
it is closed).
#log_path = 

# For informational messages, use this logfile instead
of the default
#info_log_path = 

# Prefix for each line written to log file. % codes
are in strftime(3)
# format. Note the extra space at the end of line.
log_timestamp = "%b %d %H:%M:%S "

##
## Login processes
##

# Directory where authentication process places
authentication UNIX sockets
# which login needs to be able to connect to. The
sockets are created when
# running as root, so you don't have to worry about
permissions.
login_dir = /var/run/dovecot-login

# chroot login process to the login_dir. Only reason
not to do this is if you
# wish to run the whole Dovecot without roots.
#login_chroot = yes


##
## IMAP login process
##

login = imap

# Executable location.
#login_executable = /usr/libexec/dovecot/imap-login

# User to use for the login process. Create a
completely new user for this,
# and don't use it anywhere else. The user must also
belong to a group where
# only it has access, it's used to control access for
authentication process.
#login_user = dovecot

# Set max. process size in megabytes. If you don't use
# login_process_per_connection you might need to grow
this.
#login_process_size = 16

# Should each login be processed in it's own process
(yes), or should one
# login process be allowed to process multiple
connections (no)? Yes is more
# secure, espcially with SSL/TLS enabled. No is faster
since there's no need
# to create processes all the time.
#login_process_per_connection = yes

# Number of login processes to create. If
login_process_per_user is
# yes, this is the number of extra processes waiting
for users to log in.
#login_processes_count = 3

# Maximum number of extra login processes to create.
The extra process count
# usually stays at login_processes_count, but when
multiple users start logging
# in at the same time more extra processes are
created. To prevent fork-bombing
# we check only once in a second if new processes
should be created - if all
# of them are used at the time, we double their amount
until limit set by this
# setting is reached. This setting is used only if
login_process_per_use is yes.
#login_max_processes_count = 128

# Maximum number of connections allowed in login
state. When this limit is
# reached, the oldest connections are dropped. If
login_process_per_user
# is no, this is a per-process value, so the absolute
maximum number of users
# logging in actually login_processes_count *
max_logging_users.
#login_max_logging_users = 256

##
## POP3 login process
##

# Settings default to same as above, so you don't have
to set anything
# unless you want to override them.

login = pop3

# Exception to above rule being the executable
location.
#login_executable = /usr/libexec/dovecot/pop3-login

##
## Mail processes
##

# Maximum number of running mail processes. When this
limit is reached,
# new users aren't allowed to log in.
#max_mail_processes = 1024

# Show more verbose process titles (in ps). Currently
shows user name and
# IP address. Useful for seeing who are actually using
the IMAP processes
# (eg. shared mailboxes or if same uid is used for
multiple accounts).
verbose_proctitle = no

# Show protocol level SSL errors.
#verbose_ssl = no

# Valid UID range for users, defaults to 500 and
above. This is mostly
# to make sure that users can't log in as daemons or
other system users.
# Note that denying root logins is hardcoded to
dovecot binary and can't
# be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0

# Valid GID range for users, defaults to
non-root/wheel. Users having
# non-valid GID as primary group ID aren't allowed to
log in. If user
# belongs to supplementary groups with non-valid GIDs,
those groups are
# not set.
#first_valid_gid = 1
#last_valid_gid = 0

# ':' separated list of directories under which
chrooting is allowed for mail
# processes (ie. /var/mail will allow chrooting to
/var/mail/foo/bar too).
# This setting doesn't affect login_chroot or
auth_chroot variables.
# WARNING: Never add directories here which local
users can modify, that
# may lead to root exploit. Usually this should be
done only if you don't
# allow shell access for users. See
doc/configuration.txt for more information.
#valid_chroot_dirs = 

# Default chroot directory for mail processes. This
can be overridden by
# giving /./ in user's home directory (eg.
/home/./user chroots into /home).
#mail_chroot = 

# Default MAIL environment to use when it's not set.
By leaving this empty
# dovecot tries to do some automatic detection as
described in
# doc/mail-storages.txt. There's a few special
variables you can use:
#
#   %u - username
#   %n - user part in user at domain, same as %u if
there's no domain
#   %d - domain part in user at domain, empty if user
there's no domain
#   %h - home directory
#
# You can also limit a width of string by giving the
number of max. characters
# after the '%' character. For example %1u gives the
first character of
# username. Some examples:
#
#   maildir:/var/mail/%1u/%u/Maildir
#   mbox:~/mail/:INBOX=/var/mail/%u
#   mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n
#
#default_mail_env =
mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n

# Space-separated list of fields to cache for all
mails. Currently these
# fields are allowed followed by a list of commands
they speed up:
#
#  Envelope      - FETCH ENVELOPE and SEARCH FROM, TO,
CC, BCC, SUBJECT,
#                  SENTBEFORE, SENTON, SENTSINCE,
HEADER MESSAGE-ID,
#                  HEADER IN-REPLY-TO
#  Body          - FETCH BODY
#  Bodystructure - FETCH BODY, BODYSTRUCTURE
#  MessagePart   - FETCH BODY[1.2.3] (ie. body parts),
RFC822.SIZE,
#                  SEARCH SMALLER, LARGER, also speeds
up BODY/BODYSTRUCTURE
#                  generation. This is always set with
mbox mailboxes, and
#                  also default with Maildir.
#
# Different IMAP clients work in different ways,
that's why Dovecot by default
# only caches MessagePart which speeds up most
operations. Whenever client
# does something where caching could be used, the
field is automatically marked
# to be cached later. For example after FETCH BODY the
BODY will be cached
# for all new messages. Normally you should leave this
alone, unless you know
# what most of your IMAP clients are. Caching more
fields than needed makes
# the index files larger and generate useless I/O.
#
# With maildir there's one extra optimization - if
nothing is cached, indexing
# the maildir becomes much faster since it's not
opening any of the mail files.
# This could be useful if your IMAP clients access
only new mails.

#mail_cache_fields = MessagePart

# Space-separated list of fields that Dovecot should
never set to be cached.
# Useful if you want to save disk space at the cost of
more I/O when the fields
# needed.
#mail_never_cache_fields = 

# Workarounds for various client bugs:
#   oe6-fetch-no-newmail:
#     Never send EXISTS/RECENT when replying to FETCH
command. Outlook Express
#     seems to think they are FETCH replies and gives
user "Message no longer
#     in server" error. Note that OE6 still breaks
even with this workaround
#     if synchronization is set to "Headers Only".
#   outlook-idle:
#     Outlook and Outlook Express never abort IDLE
command, so if no mail
#     arrives in half a hour, Dovecot closes the
connection. This is still
#     fine, except Outlook doesn't connect back so you
don't see if new mail
#     arrives.
#client_workarounds = outlook-idle

# Dovecot can notify client of new mail in selected
mailbox soon after it's
# received. This setting specifies the minimum
interval in seconds between
# new mail notifications to client - internally they
may be checked more or
# less often. Setting this to 0 disables the checking.
# NOTE: Evolution client breaks with this option when
it's trying to APPEND.
#mailbox_check_interval = 30

# Like mailbox_check_interval, but used for IDLE
command.
mailbox_idle_check_interval = 30

# Allow full filesystem access to clients. There's no
access checks other than
# what the operating system does for the active
UID/GID. It works with both
# maildir and mboxes, allowing you to prefix mailboxes
names with eg. /path/
# or ~user/.
#mail_full_filesystem_access = no

# Maximum allowed length for custom flag name. It's
only forced when trying
# to create new flags.
#mail_max_flag_length = 50

# Save mails with CR+LF instead of plain LF. This
makes sending those mails
# take less CPU, especially with sendfile() syscall
with Linux and FreeBSD.
# But it also creates a bit more disk I/O which may
just make it slower.
#mail_save_crlf = no

# Use mmap() instead of read() to read mail files.
read() seems to be a bit
# faster with my Linux/x86 and it's better with NFS,
so that's the default.
#mail_read_mmaped = no

# Copy mail to another folders using hard links. This
is much faster than
# actually copying the file. This is problematic only
if something modifies
# the mail in one folder but doesn't want it modified
in the others. I don't
# know any MUA which would modify mail files directly.
IMAP protocol also
# requires that the mails don't change, so it would be
problematic in any case.
# If you care about performance, enable it.
#maildir_copy_with_hardlinks = no

# Check if mails' content has been changed by external
programs. This slows
# down things as extra stat() needs to be called for
each file. If changes are
# noticed, the message is treated as a new message,
since IMAP protocol
# specifies that existing message are immutable.
#maildir_check_content_changes = no

# Which locking methods to use for locking mbox.
There's three available:
#  dotlock: Create <mailbox>.lock file. This is the
oldest and most NFS-safe
#           solution. If you want to use /var/mail/
like directory, the users
#           will need write access to that directory.
#  fcntl  : Use this if possible. Works with NFS too
if lockd is used.
#  flock  : May not exist in all systems. Doesn't work
with NFS.
#
# You can use both fcntl and flock too; if you do the
order they're declared
# with is important to avoid deadlocks if other
MTAs/MUAs are using both fcntl
# and flock. Some operating systems don't allow using
both of them
# simultaneously, eg. BSDs. If dotlock is used, it's
always created first.
mbox_locks = fcntl

# Should we create dotlock file even when we want only
a read-lock? Setting
# this to yes hurts the performance when the mailbox
is accessed simultaneously
# by multiple processes, but it's needed for reliable
reading if no other
# locking methods are available.
#mbox_read_dotlock = no

# Maximum time in seconds to wait for lock (all of
them) before aborting.
#mbox_lock_timeout = 300

# If dotlock exists but the mailbox isn't modified in
any way, override the
# lock file after this many seconds.
#mbox_dotlock_change_timeout = 30

# umask to use for mail files and directories
#umask = 0077

# Drop all privileges before exec()ing the mail
process. This is mostly
# meant for debugging, otherwise you don't get core
dumps. Note that setting
# this to yes means that log file is opened as the
logged in user, which
# might not work. It could also be a small security
risk if you use single UID
# for multiple users, as the users could ptrace() each
others processes then.
#mail_drop_priv_before_exec = no

##
## IMAP process
##

# Executable location
#imap_executable = /usr/libexec/dovecot/imap

# Set max. process size in megabytes. Most of the
memory goes to mmap()ing
# files, so it shouldn't harm much even if this limit
is set pretty high.
#imap_process_size = 256

# Support for dynamically loadable modules.
#imap_use_modules = no
#imap_modules = /usr/lib/dovecot/imap

##
## POP3 process
##

# Executable location
#pop3_executable = /usr/libexec/dovecot/pop3

# Set max. process size in megabytes. Most of the
memory goes to mmap()ing
# files, so it shouldn't harm much even if this limit
is set pretty high.
#pop3_process_size = 256

# Support for dynamically loadable modules.
#pop3_use_modules =yes
#pop3_modules = /usr/lib/dovecot/pop3

##
## Authentication processes
##

# You can have multiple processes; each time "auth =
xx" is seen, a new
# process definition is started. The point of multiple
processes is to be
# able to set stricter permissions to others. For
example, plain/PAM
# authentication requires roots, but if you also use
digest-md5 authentication
# for some users, you can authenticate them without
any privileges in a
# separate auth process. Just remember that only one
auth process is asked
# for the password, so you can't have different
passwords with different
# processes (unless they have different auth methods,
and you're ok with
# having different password for each method).

# Authentication process name.
auth = default

# Space separated list of wanted authentication
mechanisms:
#   plain digest-md5 anonymous
# EBRAIN changed
#auth_mechanisms = plain digest-md5
auth_mechanisms = plain

# Space separated list of realms for SASL
authentication mechanisms that need
# them. You can leave it empty if you don't want to
support multiple realms.
# Many clients simply use the first one listed here,
so keep the default realm
# first.
#auth_realms =

# Default realm to use if none was specified.
#auth_default_realm = 

# Where user database is kept:
#   passwd: /etc/passwd or similiar, using getpwnam()
#   passwd-file <path>: passwd-like file with
specified location
#   static uid=<uid> gid=<gid> home=<dir template>:
static settings
#   vpopmail: vpopmail library
#   ldap <config path>: LDAP, see
doc/dovecot-ldap.conf
#   pgsql <config path>: a PostgreSQL database, see
doc/dovecot-pgsql.conf
auth_userdb = passwd
# auth_userdb = pgsql
/usr/local/etc/dovecot-pgsql.conf

# Where password database is kept:
#   passwd: /etc/passwd or similiar, using getpwnam()
#   shadow: /etc/shadow or similiar, using getspnam()
#   pam [<service> | *]: PAM authentication
#   passwd-file <path>: passwd-like file with
specified location
#   vpopmail: vpopmail authentication
#   ldap <config path>: LDAP, see
doc/dovecot-ldap.conf
#   pgsql <config path>: a PostgreSQL database, see
doc/dovecot-pgsql.conf
# auth_passdb = pgsql
/usr/local/etc/dovecot-pgsql.conf
auth_passdb = pam
#auth_executable = /usr/libexec/dovecot/dovecot-auth

# Set max. process size in megabytes.
#auth_process_size = 256

# User to use for the process. This user needs access
to only user and
# password databases, nothing else. Only shadow and
pam authentication
# requires roots, so use something else if possible.
auth_user = root

# Directory where to chroot the process. Most
authentication backends don't
# work if this is set, and there's no point chrooting
if auth_user is root.
#auth_chroot = 

# Number of authentication processes to create
#auth_count = 1

# List of allowed characters in username. If the
user-given username contains
# a character not listed in here, the login
automatically fails. This is just
# an extra check to make sure user can't exploit any
potential quote escaping
# vulnerabilities with SQL/LDAP databases. If you want
to allow all characters,
# set this value to empty.
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@

# Username to use for users logging in with ANONYMOUS
SASL mechanism
#auth_anonymous_username = anonymous

# More verbose logging. Useful for figuring out why
authentication isn't
# working.
auth_verbose = no

# digest-md5 authentication process. It requires
special MD5 passwords which
# /etc/shadow and PAM doesn't support, so we never
need roots to handle it.
# Note that the passwd-file is opened before chrooting
and dropping root
# privileges, so it may be 0600-root owned file.

#auth = digest_md5
#auth_methods = digest-md5
#auth_realms = 
#auth_userdb = passwd-file /etc/passwd.imap
#auth_passdb = passwd-file /etc/passwd.imap
#auth_user = imapauth
#auth_chroot = 

# if you plan to use only passwd-file, you don't need
the two auth processes,
# simply set "auth_methods = plain digest-md5"


===================================================
OK sorry about pasting all .conf, but didn't know what
to do... so here is the deal, I have configured IMAP
to use in SquirrelMail, and it's working flawless, and
before that i went putting up POP3 access, and in that
time went flawless, but dunno what is going on that I
can't login from neither Outlook 2003 or Outlook
Express 6, when i turn ON Verbose, in "maillog"
appears this message (i don't think trying to login
from other prog would help, but right now starting to
download Thunderbird):

Jan 29 14:37:33 cddserver dovecot: Dovecot starting up
Jan 29 15:15:41 cddserver dovecot: Killed with signal
15

any clue what could it BE???


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the dovecot mailing list