LMTP and passdb deny=yes not working

Jogi Hofmüller jogi at mur.at
Fri Aug 22 14:07:05 UTC 2014


Hi all,

I start this on in a new thread.  I setup the deny-user setting to
temporarily prevent users from logging in and (that would be great) also
stop mail delivery for said user.  All this is because of our upcoming
migration.

Now it seems that lmtp is ignoring this setting.  This is from the logfile:

Aug 21 13:01:00 klee dovecot: lmtp(pid): Connect from IP
Aug 21 13:01:00 klee dovecot: auth: passwd-file(fischer,IP): User found
from deny passdb
Aug 21 13:01:00 klee dovecot: lmtp(pid, fischer):
2UErAGzR9VMBPQAAGyzfLQ: sieve: msgid=unspecified: stored mail into
mailbox 'INBOX'
Aug 21 13:01:00 klee dovecot: lmtp(pid): Disconnect from 172.16.16.205:
Successful quit

So lmtp seems to find the user and correctly states the fact but then
stores the email anyhow.  Is this intended or did I hit a bug?  Or do I
have an error in my config?

Cheers,
-- 
j.hofmüller

mur.sat -- a space art project                        http://sat.mur.at/
-------------- next part --------------
# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.14-1-amd64 x86_64 Debian jessie/sid btrfs
auth_verbose = yes
disable_plaintext_auth = no
imapc_features = rfc822.size fetch-headers
imapc_host = hornet.mur.at
imapc_list_prefix = INBOX
imapc_master_user = cyrus
imapc_password = secret
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
imapc_user = %u
lmtp_proxy = yes
lmtp_save_to_detail_mailbox = yes
login_greeting = Dovecot is spitze!
mail_location = maildir:/srv/vmail/%n/Maildir
mail_plugins = acl
mail_prefetch_count = 20
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace {
  hidden = no
  inbox = no
  list = children
  location = maildir:/srv/vmail/%%n/Maildir:INDEX=/srv/vmail/%n/shared/%%n:CONTROL=/srv/vmail/%n/shared/%%n:INDEXPVT=/srv/vmail/%n/shared/%%n
  prefix = shared.%%n.
  separator = .
  subscriptions = yes
  type = shared
}
namespace inbox {
  hidden = no
  ignore_on_failure = no
  inbox = yes
  list = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = INBOX.
  separator = .
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/deny-users
  deny = yes
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
  sieve = /srv/vmail/%u/sieve/.dovecot.sieve
  sieve_default = /srv/vmail/sieve/default.sieve
  sieve_dir = /srv/vmail/%u/sieve
  sieve_global_dir = /srv/vmail/sieve/
}
protocols = " imap lmtp sieve pop3"
service auth {
  unix_listener auth-userdb {
    group = vmail
    mode = 0777
    user = vmail
  }
}
service lmtp {
  inet_listener lmtp {
    address = 172.16.16.78
    port = 24
  }
  user = vmail
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
  process_min_avail = 1
  service_count = 1
  vsz_limit = 64 M
}
service managesieve {
  process_limit = 256
}
ssl_cert = </etc/dovecot/klee.pem
ssl_key = </etc/dovecot/private/klee.mur.at.pem
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lmtp {
  mail_plugins = acl quota sieve
  passdb {
    args = /etc/dovecot/deny-users
    deny = yes
    driver = passwd-file
    name = 
  }
  passdb {
    args = /etc/dovecot/dovecot-ldap_for_lmtp.conf.ext
    driver = ldap
    name = 
  }
  userdb {
    args = /etc/dovecot/dovecot-ldap_for_lmtp.conf.ext
    driver = ldap
    name = 
  }
}
protocol imap {
  mail_plugins = acl imap_acl
}
protocol sieve {
  managesieve_implementation_string = Dovecot Pigeonhole
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140822/561acad8/attachment.sig>


More information about the dovecot mailing list