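With the ACL plugin enabled, ACLs are evaluated for the master user by default, which is why the target user's INBOX appears not to exist. To have them evaluated for the user you are logging in as, you can use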

plugin {
  acl_user = %u
}

Aki
On 12 April 2019 12:35 Usuario prueba via dovecot <dovecot@dovecot.org> wrote:


 
I think it is an ACL problem with the master user. My master user is named "administrator" (static password files), all other users have an LDAP backend, and I tried adding this to the acl file using vim:

* user=administrator lr

But it still does not work. I have read https://wiki.dovecot.org/Authentication/MasterUsers several times and I still do not get the ACL thing. That page says " Set plugin { master_user=%u }  This fully hides that master user login is being used ". I have tried setting master_user=%u inside my plugin section and it does not work. Can anyone post the doveconf -n output of a static-file master user + ACL setup working as intended?

Regards
 
Enviar: viernes 12 de abril de 2019 a las 9:41
De: "Usuario prueba via dovecot" <dovecot@dovecot.org>
Para: dovecot@dovecot.org
Asunto: Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX. Maybe master user + namespace problem?
I am trying to migrate via imapsync a Dovecot mail server (host1) to Office 365 (hosts2) (just a test, I love Dovecot).

Imapsync, using dovecot master user, exact command I am using:

imapsync --host1 myhost.mydomain --user1 testuser@mydomain.com*administrator --password1 "XXXXX" --host2 Outlook.Office365.com --user2 testuser@mydomain.com --authuser2 "masteruser2" --password2 "XXXX"  --office2

This does not work.

In dovecot logs I get the following error:


Apr 12 09:13:13 buzonus_rhel7 dovecot: imap-login: Login: user=<testuser@mydomain.com>, method=PLAIN, rip=192.168.1.97
, lip=192.168.4.80, mpid=24003, TLS, session=<fwL8CFCGtprAqAFh>
Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: ID sent: name=imapsync, version=1.921, os=linux, vendor=Gilles LAMIRAL, support-url= https://imapsync.lamiral.info/, date=18-Feb-2019 10:21:03 +0000, side=host1
Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: Error: Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX
Apr 12 09:13:16 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: Logged out in=369 out=2790 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

This is rather weird. I can access the Dovecot server via thunderbird/mutt without problems using "standard" accounts. If I try imapsync with a "standard" user and the real password, imapsync works. It only fails when I use the master user: it cannot find INBOX. Maybe a namespace problem when using the master user?


doveconf -n output below:

# 2.3.5.1 (7ec6d0ade): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.5 (2483b085)
# OS: Linux 3.10.0-957.10.1.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.6 (Maipo) xfs
# Hostname: mysystem
auth_cache_negative_ttl = 10 secs
auth_cache_size = 10 M
auth_cache_ttl = 2 mins
auth_master_user_separator = *
auth_mechanisms = plain login
auth_worker_max_count = 15500
base_dir = /var/run/dovecot/
default_client_limit = 15000
default_process_limit = 16500
default_vsz_limit = 2 G
disable_plaintext_auth = no
imap_capability = +XLIST
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail tb-lsub-flags
imap_id_log = *
imap_max_line_length = 8 M
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_fsync = never
mail_gid = entrega
mail_home = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/
mail_location = mdbox:/buzones/mydomain.com/%2.26Hn/%2.200Hn/%n:ITERINDEX:INDEX=/indices_dovecot/indices/%2.26Hn/%2.200Hn/%n:ALT=/buzones/alternativo/mydomain.com/%2.26Hn/%2.200Hn/%n
mail_log_prefix = "%s(%u)<%{session}>: "
mail_max_userip_connections = 15000
mail_plugins = " zlib acl quota virtual mail_log notify"
mail_uid = entrega
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
mdbox_rotate_interval = 1 days
mdbox_rotate_size = 60 M
namespace {
  inbox = yes
  location =
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox SPAM {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
  type = private
}
namespace {
  list = yes
  location = mdbox:/buzones/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:ALT=/buzones/alternativo/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:INDEX=/indices_dovecot/indices/%%2.26Hn/%%2.200Hn/%%n:INDEXPVT=~/mdbox/carpeta_compartida/%%u
  prefix = carpeta_compartida/%%u/
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /etc/dovecot/deny
  deny = yes
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
passdb {
  # NOTE(review): master = yes makes every account in this passwd-file a master user,
  # i.e. one that can log in as any other user with the "user*master" form enabled by
  # auth_master_user_separator above. Restrict read access to this file accordingly.
  args = /etc/file.txt
  driver = passwd-file
  master = yes
  # NOTE(review): the MasterUsers wiki example also sets pass = yes (result_success = continue
  # in newer releases) so the target user is still looked up in the normal passdb; confirm
  # whether leaving it out here is intended.
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  # NOTE(review): the ACL plugin is active (acl = vfile) and no acl_user is set in this
  # section. A master-user login is then still subject to ACLs under the master user's
  # name, which is consistent with the "Mailbox doesn't exist: INBOX" error reported in
  # this thread; the reply at the top of the thread suggests acl_user = %u here.
  acl = vfile
  acl_shared_dict = file:/buzones/mydomain.com/acls_compartidas.db
  lda_mailbox_autosubscribe = yes
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size subject from
  quota = dict:Cuota de usuario::file:/buzones/cuotas/%n
  quota_rule2 = Trash:storage=+10%%
  quota_warning = storage=90%% aviso_cuota 90 %u
  sieve = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/dovecot.sieve
  sieve_dir = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/sieve/
  zlib_save = gz
  zlib_save_level = 9
}
pop3_no_flag_updates = yes
protocols = pop3 imap sieve
service anvil {
  client_limit = 43000
}
service auth {
  client_limit = 58600
  unix_listener auth-master {
    user = entrega
  }
  unix_listener auth-userdb {
    user = entrega
  }
  user = root
}
service aviso_cuota {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener aviso_cuota {
    mode = 0666
  }
  user = entrega
}
service config {
  process_min_avail = 4
}
service imap-login {
  client_limit = 28000
  executable = /usr/libexec/dovecot/imap-login
  group = dovenull
  process_min_avail = 2
  service_count = 0
  vsz_limit = 2 G
}
service imap {
  executable = /usr/libexec/dovecot/imap
  process_limit = 18000
  process_min_avail = 120
  vsz_limit = 3 G
}
service managesieve-login {
  executable = /usr/libexec/dovecot/managesieve-login
  inet_listener sieve {
    port = 2000
  }
  process_limit = 2000
  vsz_limit = 2 G
}
service managesieve {
  executable = /usr/libexec/dovecot/managesieve
  process_limit = 5000
}
service pop3-login {
  executable = /usr/libexec/dovecot/pop3-login
  process_limit = 7000
  process_min_avail = 2
  service_count = 0
  vsz_limit = 1 G
}
service pop3 {
  executable = /usr/libexec/dovecot/pop3
  process_limit = 7000
}
service stats {
  fifo_listener stats-mail {
    mode = 0600
    user = entrega
  }
}
ssl_ca = </etc/pki/my_chain
ssl_cert = </etc/pki/my_cert
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf
  driver = ldap
}
verbose_proctitle = yes
protocol sieve {
  managesieve_implementation_string = dovecot
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_line_length = 65536
}
protocol lda {
  hostname = mydomain.com
  info_log_path =
  log_path =
  mail_fsync = optimized
  mail_plugins = sieve zlib quota virtual acl
  postmaster_address = postmaster@mydomain.com
  syslog_facility = mail
}
protocol imap {
  mail_plugins = zlib quota imap_quota virtual acl imap_acl notify mail_log
}
protocol pop3 {
  mail_plugins = zlib quota virtual
  pop3_enable_last = yes
  pop3_uidl_format = %g
}


---
Aki Tuomi