Problem logging in during testing
Instructions at http://wiki2.dovecot.org/BasicConfiguration say the next thing to test after getting IMAP and Telnet working is to create a dummy user file with the following command:
echo "$USER:{PLAIN}password:$UID:$GID::$HOME" > users
And place it in /etc/dovecot and protect it appropriately. It was also edited to change the plain-text password from `password' to what it really is.
The next section describes changes to 10-auth.conf and other things:
If you used the example configuration files, switch to passwd-file by modifying conf.d/10-auth.conf:
Add '#' to comment out the system user login for now:
#!include auth-system.conf.ext
Remove '#' to use passwd-file:
!include auth-passwdfile.conf.ext
In conf.d/auth-passwdfile.conf.ext you should have:
passdb { driver = passwd-file args = scheme=CRYPT username_format=%u /etc/dovecot/users } userdb { driver = passwd-file args = username_format=%u /etc/dovecot/users }
Verify with doveconf -n passdb userdb that the output looks like above (and there are no other passdbs or userdbs).
All done successfully.
Now, when I telnet 127.0.0.1 143 and attempt to log in with the string:
a login <any username> <any password>
whether it's one in my users file or not, I get:
a NO [AUTHENTICATIONFAILED] Authentication failed.
On Mon, 15 Jun 2015 17:22:13 +0200, you wrote:
Found one problem in maillog. mail_uid and mail_gid weren't defined. I didn't define them manually because I thought they defaulted to vmail. Now they are defined that way.
These are a mystery:
Jun 15 16:45:15 <my-node> dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1428, secured, session=<jBDSLZEYvQB/AAAB> Jun 15 16:45:15 <my-node> dovecot: imap(admin): Error: User initialization failed: Namespace '': Mail storage autodetection failed with home=/home/admin Jun 15 16:45:15 <my-node> dovecot: imap(admin): Error: Invalid user settings. Refer to server log for more information.
~doveadm log find' says everything goes to /var/log/maillog, so that's all I have.
I think I have it now! Found info about *correctly* defining namespaces. I now get the following when telnetting in, and it all looks valid.
Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. a login <my-username> <my-password> a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SPECIAL-USE] Logged in a logout
- BYE Logging out a OK Logout completed. Connection closed by foreign host.
If this is correct, then I'm off to add Postfix and get my mailing lists back online.
Am Montag, den 15.06.2015, 13:33 -0400 schrieb Steve Matzura:
It looks like you don't enforce SSL/TLS. If you don't have any clients which are many years old you should do that. But of course it'S your own decision if you want your users passwords (and everything else) sent to your server in clear text over the wire
Am 15.06.2015 um 20:26 schrieb Felix Zielcke:
SSL is not enforced on localhost even when specifying ssl=required.
Take a look at the comment in /etc/dovecot/conf.d/10-ssl.conf: # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> # disable plain pop3 and imap, allowed are only pop3+TLS, # pop3s, imap+TLS and imaps # plain imap and pop3 are still allowed for local connections
-- Alex JOST
participants (4)
-
Alex JOST
-
Christian Kivalo
-
Felix Zielcke
-
Steve Matzura