Wow. Thanks for the rapid and detailed response!
On Wed, Aug 13, 2003 at 12:19:54AM +0300, Timo Sirainen wrote:
On Tuesday, Aug 12, 2003, at 23:40 Europe/Helsinki, Bob Hall wrote:
I'm getting imap-login: Internal login failure: bob whenever I try to check mail. I'm new to mail server setup, new to IMAP, and I don't know a heck of a lot about authentication schemes.
There should be another error message before that line?
No. The complete log entries related to my last attempt to log in are
Aug 12 21:46:31 kongemord imap-login: Internal login failure: bob [192.168.0.2] Aug 12 21:46:31 kongemord dovecot: child 14690 (auth) killed with signal 11
This is from maillog.
If I try to test Dovecot using IMAP commands via telnet, Dovecot tells me LOGIN BAD Error in IMAP command received by server.
How did you try it? It should be: 1 login username password
That's what I used.
telnet imap 143 Trying xxx.xxx.xxx.xxx... Connected to imap.domain.tld. Escape character is '^]'.
- OK dovecot ready. LOGIN dovecot secret LOGIN BAD Error in IMAP command received by server.
I also can't telnet via localhost; I have to specify the host name, so I'm connecting via the host's external interface. I have no problem connecting to localhost on ports not used by Dovecot.
I'd guess it's because localhost resolves to IPv6 localhost ::1, and Dovecot doesn't listen in IPv6 interfaces with *BSD fow now, since it requires two sockets.
No, localhost resolves to 127.0.0.1. However, compiling Dovecot with the --disable-ipv6 flag fixed that problem. Now I can connect via localhost, but I can't LOGIN. Error is identical to above.
In case it helps, here's my compile flags from the Makefile:
CONFIGURE_ARGS+= --with-shadow --disable-ipv6
--localstatedir=/var --with-ldap --with-rawlog
--without-vpopmail --without-pgsql --without-pam
--with-rawlog doesn't seem to do anything. I've added the dovecot.rawlog directory to both the root home and my home, and nothing is showing up in either location, even though maillog continues to receive error messages.
So I have two questions:
- How do I correct my configuration to make login successful?
The real error message should be in the logs, but I'd guess it's got
The error message I quoted is from the logs.
something to do with user ids. What uids have you given to users in LDAP? Are they smaller than 500, which is the default minimum accepted uid? You could change first_valid_uid in config file.
I'm confused. In the documentation and schemas that come with OpenLDAP, a uid is a login. E.g. my account uid is 'bob'. Unix uses numeric uids, but if I'm using LDAP, I'm not accessing anything with numeric uids. posixAccount uses uidNumber, but I'm not using that class.
Server configuration: IMAP IMAP Mailbox Location Prefix: /var/mail/bob/Mail Authentication Style: passwords
Don't give any IMAP prefix to clients.
OK. The Eudora documentation says I need it. This is why I want to be able to test w/out an MUA, so that I don't mix my client errors with my server errors. I've removed it, and I'm still getting the error message.
login_user = dovecot auth_user = dovecot
It's better not to use the same user for auth and login. Maybe I should add a check to disallow this entirely..
I don't know enough about it to know why that's a bad idea, but I got it from a sample config file online. I've changed auth_user to dovecot-auth and I'm still getting the same error.
Thanks again for the response.
Bob Hall