-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
thanks very much for your configuration. It seems with dovecot 2.0.19 the configuration has changed quite a bit and things have been splitted into several files (http://wiki2.dovecot.org/QuickConfiguration)
sudo grep -rl postfix /etc/dovecot/* /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/01-mail-stack-delivery.conf
and included inside dovecot.conf (!include conf.d/*.conf)
I finally found that auth_debug is inside
/etc/dovecot/conf.d/10-logging.conf
I will turn on the logging and hopefully better understand what is happening.
Thanks
Michael
Am 29.09.14 16:00, schrieb Reindl Harald:
Am 29.09.2014 um 15:51 schrieb Michael Wechner:
Am 29.09.14 15:30, schrieb Reindl Harald:
Am 29.09.2014 um 15:21 schrieb Michael Wechner:
Hi Harald
Thanks very much for your quick reply. Please see my answers inline
below
telnet is worthless because AUTH is likely announced *after STARTTLS* http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
right, but when requesting for example mail.wyona.com, then I can see
AUTH
depends on the servers configuration
hence I would assume to see it also for the new version of postfix and dovecot, or do I misunderstand something?
yes, you did not read http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
if the server is configured in a way it offers AUTH only over a encrypted channel (recommended) then you need to use STARTTLS before you see the capability and for that telnet is just the wrong tool
the new server config reads (postfix mail_version = 2.7.0):
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sender_restrictions = reject_unknown_sender_domain
- check postfix master.cf for chroot - only explicit "n" disabled it
- check configuration of the private/dovecot-auth (permissions and so on)
- look at your logs careful
that is my part in dovecot.conf:
service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } }
that's my part in postfix's main.cf:
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
well, both are unchanged for a very long time and survived a lot of dist-upgrades (Fedora) as well as Dovecot/Postfix
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org
iQEcBAEBCgAGBQJUKaixAAoJECV0ivYw6bPKtjAH/AiMIS4I0+8q8vqJYwzs9Pzr LgQfe/O9O6HwtL0u63bkZ8SPslxKUxhpl9dmv6HcodfGxHSkaGdlcVS96o6ynjS4 rcWoco6qQ0PsRiJTT1x2IGqO8mPQgH9ovHmI+6ZKAqjWi4S8iFT6G/D6tdtmikME GqW2p2r0mE4xyn0RwU6IWb+cxEYPq3X/8GuSbQsO3Ux0AcejUBgI1ex9xfHM8xhi vfxPDNY9M1s/l+lwBiEqAjkwe99cOpuBPr9u9Mg6WS3+fGwa+Di642ZeZAy3SB63 /wYtLProbJ7enHar7t0sEb0/WvpqUvchNunlw3R1KRe/RhMSbxKYY0x4t6WLSGo= =MLa2 -----END PGP SIGNATURE-----