LMTP Authentication Error

David Morsberger david at mmpcrofton.com
Tue Oct 13 14:40:07 EEST 2020 

Mark,

Thanks! You pointed me in the right direction.

It works and I always like posting the final solution. 

Here is what I have in my 10-master.conf

  unix_listener auth-userdb {
    #group =
    #mode = 0666
    #user = $default_internal_user
  }
  unix_listener auth-userdb-postfix {
    path = /var/spool/postfix/private/auth
    user = postfix
    group = postfix
    mode = 0666
  }

Adding what you recommended verbatim created a duplicate auth-userdb error. I think because it was due to the default value with the same path. 

The auth section from doveconf:

service auth {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = auth
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-client {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener auth-login {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener auth-master {
    group = 
    mode = 0600
    user = 
  }
  unix_listener auth-userdb {
    group = 
    mode = 0666
    user = $default_internal_user
  }
  unix_listener login/login {
    group = 
    mode = 0666
    user = 
  }
  unix_listener token-login/tokenlogin {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}


> On Oct 11, 2020, at 4:10 PM, Mark Moseley <moseleymark at gmail.com> wrote:
> 
> 
> 
> On Sat, Oct 10, 2020 at 12:08 PM David Morsberger <david at mmpcrofton.com <mailto:david at mmpcrofton.com>> wrote:
> I wish someone could help me. I’m trying to track auth in the lmtp code. Nice code base but I’m having trouble tracking the call stack for the error 
> 
> Sent from my iPhone
> 
> > On Oct 9, 2020, at 08:00, David Morsberger <david at mmpcrofton.com <mailto:david at mmpcrofton.com>> wrote:
> > 
> > Alexander,
> > 
> > Do you see anything wrong in my config?
> > 
> > David 
> > 
> > Sent from my iPhone
> > 
> >> On Oct 7, 2020, at 18:19, David Morsberger <david at mmpcrofton.com <mailto:david at mmpcrofton.com>> wrote:
> >> On 2020-10-07 12:43, Alexander Dalloz wrote:
> >>>>> Am 07.10.2020 um 18:20 schrieb david at mmpcrofton.com <mailto:david at mmpcrofton.com>:
> >>>>> Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support.
> >>>>> Thanks,
> >>>>> David
> >>> Provide a full output of "doveconf -n"?
> >>> Alexander
> >> Alexandar,
> >> Thanks and here you go.
> >> # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
> >> # Pigeonhole version 0.5.7.2 ()
> >> # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS
> >> # Hostname: mmp-mail.mmpcrofton.com <http://mmp-mail.mmpcrofton.com/>
> >> base_dir = /var/run/dovecot/
> >> first_valid_uid = 150
> >> login_greeting = Dovecot ready.
> >> mail_gid = 150
> >> mail_location = mbox:~/mail:INBOX=/var/mail/%u
> >> mail_privileged_group = mail
> >> mail_uid = 150
> >> managesieve_notify_capability = mailto
> >> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
> >> namespace inbox {
> >> inbox = yes
> >> location =
> >> mailbox Drafts {
> >> auto = subscribe
> >> special_use = \Drafts
> >> }
> >> mailbox Junk {
> >> auto = subscribe
> >> special_use = \Junk
> >> }
> >> mailbox Sent {
> >> auto = subscribe
> >> special_use = \Sent
> >> }
> >> mailbox "Sent Messages" {
> >> auto = no
> >> special_use = \Sent
> >> }
> >> mailbox Spam {
> >> auto = create
> >> special_use = \Junk
> >> }
> >> mailbox Trash {
> >> auto = subscribe
> >> special_use = \Trash
> >> }
> >> prefix =
> >> }
> >> passdb {
> >> args = /etc/dovecot/dovecot-sql.conf.ext
> >> driver = sql
> >> }
> >> plugin {
> >> sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve
> >> sieve_dir = /home/mail/rules/%u
> >> }
> >> protocols = " imap lmtp sieve pop3 sieve"
> >> service auth {
> >> unix_listener /var/spool/postfix/private/auth {
> >> group = postfix
> >> mode = 0660
> >> user = postfix
> >> }
> >> }
> >> service lmtp {
> >> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> >> group = postfix
> >> mode = 0600
> >> user = postfix
> >> }
> >> }
> >> ssl = required
> >> ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem <http://imap.mmpcrofton.com/fullchain.pem>
> >> ssl_client_ca_dir = /etc/ssl/certs
> >> ssl_dh = # hidden, use -P to show it
> >> ssl_key = # hidden, use -P to show it
> >> userdb {
> >> driver = prefetch
> >> }
> >> userdb {
> >> args = /etc/dovecot/dovecot-sql.conf.ext
> >> driver = sql
> >> }
> >> protocol lmtp {
> >> mail_plugins = " sieve"
> >> postmaster_address = david at mmpcrofton.com <mailto:david at mmpcrofton.com>
> >> }
> >> protocol imap {
> >> mail_max_userip_connections = 50
> >> }
> 
> 
> Pretty sure you can set up multiple unix_listener's. What about creating another one, inside the 'service auth' container? It'll need to have unix_listener set to 'auth-userdb' (for dovecot's sake, which probably means that you'll to leave it with default user/group/permissions) with a 'path' of /var/run/dovecot. And then rename the existing one to auth-userdb-postfix (totally arbitrary), though note that that will change the filename of the socket itself, so you'll need to change postfix to use /var/spool/postfix/private/auth/auth-userdb-postfix (i.e. same last component as the argument to 'unix_listener')
> 
> So you'd end up with something like:
> 
> service auth {
>  unix_listener auth-userdb {
>     path = /var/run/dovecot
>     mode = 0660 (or whatever the default is)
>     user = $dovecot_auth_user_dunno_what
>     group = $dovecot_auth_group_dunno_what
>   }
>   unix_listener auth-userdb-postfix {
>     path = /var/spool/postfix/private/auth
>     mode = 0660
>     user = postfix
>     group = postfix
>   }
> }
> 
> And then postfix would have /var/spool/postfix/private/auth/auth-userdb-postfix for its dovecot-related socket

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20201013/86481158/attachment-0001.html>

More information about the dovecot mailing list