[Dovecot] Postfix and Dovecot SASL

Jerry gesbbb at yahoo.com
Wed Nov 11 17:41:24 EET 2009 

On Wed, 11 Nov 2009 15:45:33 +0100
Rene Bakkum <rene.bakkum at gmail.com> replied:

> Hello all,
> 
> I am struggeling to get my Dovecot SASL to work within postfix. I
> have used the configuration example listed on the main-site of
> dovecot and it basically isn't giving me any success at all. I am
> probably missing something easy, but after spending a few days
> testing and walking through everything I could think about I thought
> figured it was better to ask :) Hope someone can point me to the
> right direction.
> 
> My setup is that I have installed Ubuntu 9.04 (64bit), postfix and
> dovecot linked to a MySQL database. The services are using maildirs
> which are stored locally (no NFS). Postfix is using the LDA from
> dovecot to deliver the mail and dovecot is used for IMAP and POP3.
> This is working and no problems at all so far. The problem starts
> when I just want to enable the SASL authentication from Dovecot. I
> used the 'guide' posted on
> http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
> 
> When I try to telnet to port 25 (smtp) than I doesn't looks like the
> SASL is working...
> 220 mail003 ESMTP Postfix (Ubuntu)
> ehlo localhost
> 250-mail003
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> 
> Anything I missed in my configuration from either postfix/dovecot?
> root at mail003:/etc/postfix# dovecot --version
> 1.1.11
> root at mail003:~# dpkg-query -l postfix
> +++-==============-==============-============================================
> ii  postfix        2.5.5-1.1      High-performance mail transport
> agent
> 
> Here are my configurations of both:
> root at mail003:/etc/postfix# dovecot -n
> # 1.1.11: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.28-16-server x86_64 Ubuntu 9.04 ext4
> log_timestamp: %Y-%m-%d %H:%M:%S
> protocols: imap pop3 imaps pop3s managesieve
> ssl_cert_file: /etc/ssl/certs/ssl-mail.pem
> ssl_key_file: /etc/ssl/private/ssl-mail.key
> ssl_cipher_list:
> ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
> login_dir: /var/run/dovecot/login
> login_executable(default): /usr/lib/dovecot/imap-login
> login_executable(imap): /usr/lib/dovecot/imap-login
> login_executable(pop3): /usr/lib/dovecot/pop3-login
> login_executable(managesieve): /usr/lib/dovecot/managesieve-login
> login_greeting_capability(default): yes
> login_greeting_capability(imap): yes
> login_greeting_capability(pop3): no
> login_greeting_capability(managesieve): no
> mail_max_userip_connections(default): 10
> mail_max_userip_connections(imap): 10
> mail_max_userip_connections(pop3): 3
> mail_max_userip_connections(managesieve): 10
> mail_privileged_group: mail
> mail_uid: 5000
> mail_gid: 5000
> mail_location: maildir:/home/vmail/%d/%n/.Maildir
> mail_executable(default): /usr/lib/dovecot/imap
> mail_executable(imap): /usr/lib/dovecot/imap
> mail_executable(pop3): /usr/lib/dovecot/pop3
> mail_executable(managesieve): /usr/lib/dovecot/managesieve
> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
> mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve
> imap_client_workarounds(default): outlook-idle delay-newmail
> imap_client_workarounds(imap): outlook-idle delay-newmail
> imap_client_workarounds(pop3):
> imap_client_workarounds(managesieve):
> pop3_client_workarounds(default):
> pop3_client_workarounds(imap):
> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
> pop3_client_workarounds(managesieve):
> sieve_storage(default):
> sieve_storage(imap):
> sieve_storage(pop3):
> sieve_storage(managesieve): ~/sieve
> sieve(default):
> sieve(imap):
> sieve(pop3):
> sieve(managesieve): ~/.dovecot.sieve
> auth default:
>   mechanisms: plain login
>   passdb:
>     driver: sql
>     args: /etc/dovecot/dovecot-sql.conf
>   userdb:
>     driver: sql
>     args: /etc/dovecot/dovecot-sql.conf
>   socket:
>     type: listen
>     client:
>       path: /var/spool/postfix/private/dovecot-auth
>       mode: 432
>       user: postfix
>       group: postfix
>     master:
>       path: /var/run/dovecot/auth-master
>       mode: 384
>       user: vmail
>       group: vmail
> 
> root at mail003:/etc/postfix# postconf | grep sasl
> broken_sasl_auth_clients = yes
> cyrus_sasl_config_path =
> lmtp_sasl_auth_cache_name =
> lmtp_sasl_auth_cache_time = 90d
> lmtp_sasl_auth_enable = no
> lmtp_sasl_auth_soft_bounce = yes
> lmtp_sasl_mechanism_filter =
> lmtp_sasl_password_maps =
> lmtp_sasl_path =
> lmtp_sasl_security_options = noplaintext, noanonymous
> lmtp_sasl_tls_security_options = $lmtp_sasl_security_options
> lmtp_sasl_tls_verified_security_options =
> $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus
> proxy_write_maps = $smtp_sasl_auth_cache_name
> $lmtp_sasl_auth_cache_name send_cyrus_sasl_authzid = no
> smtp_sasl_auth_cache_name =
> smtp_sasl_auth_cache_time = 90d
> smtp_sasl_auth_enable = no
> smtp_sasl_auth_soft_bounce = yes
> smtp_sasl_mechanism_filter =
> smtp_sasl_password_maps =
> smtp_sasl_path =
> smtp_sasl_security_options = noplaintext, noanonymous
> smtp_sasl_tls_security_options = $smtp_sasl_security_options
> smtp_sasl_tls_verified_security_options =
> $smtp_sasl_tls_security_options smtp_sasl_type = cyrus
> smtpd_recipient_restrictions = reject_unknown_sender_domain,
> reject_unknown_recipient_domain, reject_unauth_pipelining,
> permit_mynetworks, permit_sasl_authenticated,
> reject_unauth_destination smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_exceptions_networks =
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_path = private/dovecot-auth
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
> smtpd_sasl_type = dovecot
> 
> 
> Any ideas?
> Thanks for the response.
> - Rene

Use "postconf -n" to obtain what Postfix actually sees. All you are
showing is what is entered in the Postfix main.cf file. You can easily
enter garbage into that file that Postfix will ignore. Also, post the
complete output. Snippets are useless.

-- 
Jerry
gesbbb at yahoo.com

|::::=======
|::::=======
|===========
|===========
|

Why, every one as they like; as the good woman said when she
kissed her cow.


	Rabelais

More information about the dovecot mailing list