Hello,
I am using
# dovecot --version 2.2.18
# dovecot -n # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol can no longer be specified (use protocols=imap). to disable non-ssl imap, use service imap-login { inet_listener imap { port=0 } } doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol can no longer be specified (use protocols=imap). to disable non-ssl imap, use service imap-login { inet_listener imap { port=0 } } # OS: Linux 4.1.27-27-default x86_64 openSUSE 42.1 (x86_64) first_valid_uid = 1 mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = lmtp imap service imap-login { inet_listener imap { port = 0 } } ssl = required ssl_ca = /etc/pki/trust/anchors/rootCA.pem ssl_cert =
I use LDAP for user and passwd databases as the following:
uris = ldapi:/// sasl_bind = yes sasl_mech = EXTERNAL auth_bind = yes
And I found that only first authentication after dovecot restart is successful, the others always fail with temp. The reason is that dovecot rebinds to anonymous bind after succesful auth bind instead of rebinding to external sasl bind.