Thanks for the reply Dennis
On Sun, Mar 13, 2011 at 7:19 PM, Dennis Guhl <dg@dguhl.org> wrote:
You should not save the master users credentials with the mail user credentials. Instead you should use a dedicated userdb and passdb.
For further reference have a look at http://wiki2.dovecot.org/Authentication/MasterUsers.
I created the htpasswd file on the destination server already. Does it also need to be done on the proxy?
I don't undestand your question. You can either forward plaintext credentials to your backend or authenticate on your proxy and go with the proxys master user to your backend (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy).
Dennis
I'm trying to authenticate on the proxy and use the master user to connect to the backend, just not sure how thats done. The link for ExtraFields says I need to return: master=s and pass=s
How do I state the user/pass for the master?
I've compiled my proxy with ldap support and created the same master user on the proxy that exists on the destination server.
I can telnet on the proxy still, but now its just creating user home directories on the proxy, and not going to the backend at all.
My proxy config
# 2.0.11: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-openvz-amd64 i686 Debian 5.0.8 auth_debug = yes auth_debug_passwords = yes auth_master_user_separator = * auth_mechanisms = plain login auth_socket_path = /usr/local/var/run/dovecot/auth-master auth_verbose = yes debug_log_path = /var/log/dovecot-debug.log director_doveadm_port = 542 director_mail_servers = mailstore.domain.com director_servers = proxy.domain.com disable_plaintext_auth = no info_log_path = /var/log/dovecot-info.log listen = * lmtp_proxy = yes log_path = /var/log/dovecot-err.log mail_debug = yes mail_gid = vmail mail_location = maildir:%h/Maildir mail_plugins = " quota" mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /usr/local/etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin/acl = vfile plugin/acl_shared_dict = file:/home/%d/shared-mailboxes plugin/quota = maildir:User quota plugin/quota_rule = *:storage=1G plugin/sieve = %h/.dovecot.sieve plugin/sieve_dir = ~/sieve plugin/sieve_max_actions = 32 plugin/sieve_max_redirects = 4 plugin/sieve_max_script_size = 1M plugin/sieve_quota_max_scripts = 0 plugin/sieve_quota_max_storage = 0 postmaster_address = postmaster@domain.com protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 541 } inet_listener { port = 542 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { port = 143 } } service lmtp { inet_listener lmtp { port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { user = postfix } } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 110 } } ssl_cert = </usr/local/etc/dovecot/dovecot.pem ssl_key = </usr/local/etc/dovecot/dovecot.key userdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } verbose_proctitle = yes protocol lmtp { auth_socket_path = /usr/local/var/run/dovecot/director-userdb mail_plugins = " quota quota sieve" passdb { args = proxy=y nopassword=y port=24 driver = static } } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log mail_plugins = " quota sieve" } protocol imap { mail_plugins = " quota imap_quota imap_acl acl" } protocol sieve { mail_max_userip_connections = 10 mail_plugins = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = managesieve_sieve_capability = } protocol pop3 { mail_plugins = " quota quota" pop3_fast_size_lookups = no pop3_uidl_format = %08Xu%08Xv }