On 23/07/2021 01:22 Dan Conway darkc0de@archnix6.net wrote:
Hello,
I'm having issues with Dovecot translating "BDAT" commands (CHUNKING) into "DATA" commands when the backend does not support it in the submission service. I use "checkpassword" to authenticate users and judging by older mailing list entries the presence of "submission_*" directives must be in place for Dovecot to translate. Even with these directives set, the translation doesn't seem to occur.
checkpassword returns "director_tag=remote_smtp" (along with other fields such as nopassword=y proxy=y) which in turn sets the backend host to relay the connection to. I have a feeling the use of checkpassword has something to do with this lack of translation.
If the "submission_*" directives must be in place for this translation to occur, which ones are they? Can I return these fields from checkpassword?
Output of doveconf -n:
# 2.3.15 (0503334ab1): /etc/dovecot/dovecot.conf # OS: Linux 4.15.0-147-generic x86_64 Ubuntu 18.04.5 LTS # Hostname: xyz auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes director_mail_servers = x.x.x.x@remote_smtp director_servers = x.x.x.x disable_plaintext_auth = no mail_log_prefix = "%Us(%u) [%r]: " passdb { args = /usr/local/bin/checkpassword driver = checkpassword } protocols = " imap pop3 submission" service anvil { client_limit = 3553 } service auth { client_limit = 3550 } service director { fifo_listener login/proxy-notify { mode = 0600 user = $default_login_user } inet_listener { address = x.x.x.x port = 9090 } unix_listener director-admin { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { address = x.x.x.x port = 143 } inet_listener imaps { address = x.x.x.x port = 993 ssl = yes } process_limit = 1000 process_min_avail = 0 service_count = 1 } service imap { process_limit = 2048 process_min_avail = 0 service_count = 1 vsz_limit = 384 M } service pop3-login { executable = pop3-login director inet_listener pop3 { address = x.x.x.x port = 110 } inet_listener pop3s { address = x.x.x.x port = 995 ssl = yes } process_limit = 450 } service pop3 { process_limit = 190 process_min_avail = 0 service_count = 1 } service submission-login { executable = submission-login director inet_listener smtp { address = x.x.x.x port = 25 } inet_listener smtps { address = x.x.x.x port = 465 ssl = yes } inet_listener submission { address = x.x.x.x port = 587 } process_limit = 2000 } ssl_cert =
Hi!
Submission service works from backend, not proxy.
Aki