[Dovecot] Exim Dovecot Authentication Problem

20 Jan 2008

      Having a hard time figuring out something that is supposed to be easy.
Tryiong to configure Dovecot so that it provides authentication to Exim
for outgoing smtp. Tried different things and getting
authentication socket protocol error
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
auth default {
Space separated list of wanted authentication mechanisms:
plain digest-md5 cram-md5 apop anonymous
mechanisms = plain

Password database is used to verify user's password (and nothing more).
You can have multiple passdbs and userdbs. This is useful if you want to
allow both system users (/etc/passwd) and virtual users to login without
duplicating the system users into virtual database.

http://wiki.dovecot.org/Authentication

PAM authentication. Preferred nowadays by most systems.
Note that PAM can only be used to verify if user's password is correct,
so it can't be used as userdb. If you don't want to use a separate user
database (passwd usually), you can use static userdb.
passdb passwd-file {
# Master users that can log in as anyone
args = /etc/dovecot.masterusers
master = yes
pass =yes
}
Linuxconf passwd-like file with specified location
passdb passwd-file {
args = /etc/exim/control/vmail/shadow.%d
}
Linuxconf passwd-like file with specified location
userdb passwd-file {
args = /etc/exim/control/vmail/passwd.%d
}
User to use for the process. This user needs access to only user and
password databases, nothing else. Only shadow and pam authentication
requires roots, so use something else if possible. Note that passwd
authentication with BSDs internally accesses shadow files, which also
requires roots. Note that this user is NOT used to access mails.
That user is specified by userdb above.
user = root
Number of authentication processes to create
count = 10
}
It's possible to export the authentication interface to other programs,
for example SMTP server which supports talking to Dovecot. Client socket
handles the actual authentication - you give it a username and password
and it returns OK or failure. So it's pretty safe to allow anyone
access to
it. Master socket is used to a) query if given client was successfully
authenticated, b) userdb lookups.
listener sockets will be created by Dovecot's master process using the
settings given inside the auth section
auth default_with_listener {
mechanisms = plain
passdb passwd-file {
# Master users that can log in as anyone
args = /etc/dovecot.masterusers
master = yes
pass =yes
}
passdb passwd-file {
# Path for passwd-file
args = /etc/exim/control/vmail/shadow.%d
}
userdb passwd-file {
# Path for passwd-file
args = /etc/exim/control/vmail/passwd.%d
}
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0666
}
}
}
auth external {
mechanisms = plain
passdb passwd-file {
# Master users that can log in as anyone
args = /etc/dovecot.masterusers
master = yes
pass =yes
}
passdb passwd-file {
# Path for passwd-file
args = /etc/exim/control/vmail/shadow.%d
}
userdb passwd-file {
# Path for passwd-file
args = /etc/exim/control/vmail/passwd.%d
}
socket listen {
client {
path = /var/run/dovecot/auth-client
mode = 0666
}
}
}

[Dovecot] Exim Dovecot Authentication Problem

Marc Perkel

Space separated list of wanted authentication mechanisms:

plain digest-md5 cram-md5 apop anonymous

Password database is used to verify user's password (and nothing more).

You can have multiple passdbs and userdbs. This is useful if you want to

allow both system users (/etc/passwd) and virtual users to login without

duplicating the system users into virtual database.

http://wiki.dovecot.org/Authentication

PAM authentication. Preferred nowadays by most systems.

Note that PAM can only be used to verify if user's password is correct,

so it can't be used as userdb. If you don't want to use a separate user

database (passwd usually), you can use static userdb.

Linuxconf passwd-like file with specified location

Linuxconf passwd-like file with specified location

User to use for the process. This user needs access to only user and

password databases, nothing else. Only shadow and pam authentication

requires roots, so use something else if possible. Note that passwd

authentication with BSDs internally accesses shadow files, which also

requires roots. Note that this user is NOT used to access mails.

That user is specified by userdb above.

Number of authentication processes to create

It's possible to export the authentication interface to other programs,

for example SMTP server which supports talking to Dovecot. Client socket

handles the actual authentication - you give it a username and password

and it returns OK or failure. So it's pretty safe to allow anyone

it. Master socket is used to a) query if given client was successfully

authenticated, b) userdb lookups.

listener sockets will be created by Dovecot's master process using the

settings given inside the auth section