[Dovecot] LMTP: Rejecting unknown users
Timo Sirainen
tss at iki.fi
Wed Aug 4 17:28:37 EEST 2010
On Wed, 2010-08-04 at 15:37 +0200, Peer Heinlein wrote:
> user_attrs =
> =home=/mail/%d/%n,=uid=10000,=gid=10000,jpberlinMailQuota=quota_rule=*:storage=%$B
> user_filter = (email=%u)
Looks ok..
> Unfortunately, LMTP accepts mail for *all* users, even for those users
> that don't exist in LDAP at all:
Shouldn't happen..
> 2010-08-04 12:27:58 auth: Debug: master in: USER 1 tessdfdfgdsft at example.org service=lmtp lip=(null) rip=(null)
The lip=(null) rip=(null) here is a bug (fixed by
http://hg.dovecot.org/dovecot-2.0/rev/10c4c9d5fb5b) but I don't think
that matters.
> 2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft at example.org,0.0.0.0): user search: base=xxxxxxxxxxxxxxxxxxx
> 2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft at example.org,0.0.0.0): no fields returned by the server
> 2010-08-04 12:27:58 auth: Debug: master out: USER 1 tessdfdfgdsft at example.org home=/mail/example.org/tessdfdfgdsft uid=10000 gid=10000
It looks like LDAP still sent a reply. Otherwise it would do what it
does with me:
Aug 04 15:24:57 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Aug 04 15:24:57 auth: Debug: master in: USER 1 tss at example.com service=lmtp lip=::1 rip=::1
Aug 04 15:24:57 auth: Debug: ldap(tss at example.com,::1): user search: base=ou=people,dc=example,dc=com scope=subtree filter=(mail=tss at example.com) fields=uidNumber
Aug 04 15:24:57 auth: Info: ldap(tss at example.com,::1): unknown user
Aug 04 15:24:57 auth: Debug: master out: NOTFOUND 1
BTW. You should be able to test this more easily with "doveadm user
foo at example.org". It should also return "unknown user".
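
An added example, not part of the original thread and not Dovecot's own code: a small Python check over auth debug logs that pairs each `master in: USER` request with its `master out` reply and flags lookups answered with `USER` even though the LDAP lookup logged "no fields returned by the server", the pattern in the quoted log above. The sample log is constructed and the function name is hypothetical.

```python
import re

# Constructed sample modelled on the auth debug lines quoted in this thread
# (addresses written with "@", as they appear in a real log).
SAMPLE_LOG = """\
2010-08-04 12:27:58 auth: Debug: master in: USER 1 nosuch@example.org service=lmtp lip=(null) rip=(null)
2010-08-04 12:27:58 auth: Debug: ldap(nosuch@example.org,0.0.0.0): user search: base=dc=example,dc=org
2010-08-04 12:27:58 auth: Debug: ldap(nosuch@example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:27:58 auth: Debug: master out: USER 1 nosuch@example.org home=/mail/example.org/nosuch uid=10000 gid=10000
Aug 04 15:24:57 auth: Debug: master in: USER 2 tss@example.com service=lmtp lip=::1 rip=::1
Aug 04 15:24:57 auth: Info: ldap(tss@example.com,::1): unknown user
Aug 04 15:24:57 auth: Debug: master out: NOTFOUND 2
"""

MASTER_IN = re.compile(r"auth: Debug: master in: USER (\d+) (\S+)")
MASTER_OUT = re.compile(r"auth: Debug: master out: (USER|NOTFOUND) (\d+)")
LDAP_MSG = re.compile(r"auth: \w+: ldap\(([^,]+),[^)]*\): (.+)$")


def audit_userdb_lookups(log_text):
    """Pair each userdb request with its reply and classify the outcome."""
    pending = {}        # request id -> user being looked up
    no_fields = set()   # users whose LDAP search returned no fields
    results = []
    for line in log_text.splitlines():
        if m := MASTER_IN.search(line):
            pending[m.group(1)] = m.group(2)
            no_fields.discard(m.group(2))  # start fresh for a new lookup
        elif m := LDAP_MSG.search(line):
            if m.group(2).startswith("no fields returned"):
                no_fields.add(m.group(1))
        elif m := MASTER_OUT.search(line):
            user = pending.pop(m.group(2), None)
            if user is None:
                continue  # reply without a logged request
            if m.group(1) == "NOTFOUND":
                verdict = "rejected"
            elif user in no_fields:
                verdict = "accepted-without-ldap-fields"
            else:
                verdict = "accepted"
            results.append((user, verdict))
    return results


if __name__ == "__main__":
    for user, verdict in audit_userdb_lookups(SAMPLE_LOG):
        print(f"{user}: {verdict}")
```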