Supporting both "username" to username@domain.com
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in.
Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what?
We have other users who are using older versions of Outlook and Thunderbird and webmail that still support this login method. How can I support both?
Here is my dovecot info.
2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
OS: Linux 6.12.6-100.fc40.x86_64 x86_64 Fedora release 40 (Forty) btrfs
auth_mechanisms = plain login default_client_limit = 3000 default_process_limit = 4000 default_vsz_limit = 1 G dict { sql = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 209.216.XXX.60, 127.0.0.1 mail_gid = users mail_location = maildir:/home/%u/Maildir mail_max_userip_connections = 100 mail_plugins = " listescape last_login" mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { last_login_dict = proxy::sql last_login_key = # hidden, use -P to show it last_login_precision = ms sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = pop3 imap lmtp service anvil { client_limit = 12003 } service auth-worker { client_limit = 20000 } service auth { client_limit = 20000 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 20 service_count = 0 vsz_limit = 1 G } service lmtp { executable = lmtp -L inet_listener lmtp { address = 127.0.0.1 port = 24 } process_min_avail = 5 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl_ca = </var/www/example.com-443/ssl/DigiCertCA-2022.crt ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it userdb { driver = passwd } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log } protocol imap { mail_max_userip_connections = 100 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } local_name example.com { ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it } local_name users.example1.com { ssl_cert = </etc/letsencrypt/example1-fullchain.pem ssl_key = # hidden, use -P to show it }
We're also using postfix to support this basic sasl username when sending.
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what? We have other users who are using older versions of Outlook and Thunderbird and webmail that still support this login method. How can I support both? Here is my dovecot info.
2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
OS: Linux 6.12.6-100.fc40.x86_64 x86_64 Fedora release 40 (Forty) btrfs
auth_mechanisms = plain login default_client_limit = 3000 default_process_limit = 4000 default_vsz_limit = 1 G dict { sql = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 209.216.XXX.60, 127.0.0.1 mail_gid = users mail_location = maildir:/home/%u/Maildir mail_max_userip_connections = 100 mail_plugins = " listescape last_login" mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { last_login_dict = proxy::sql last_login_key = # hidden, use -P to show it last_login_precision = ms sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = pop3 imap lmtp service anvil { client_limit = 12003 } service auth-worker { client_limit = 20000 } service auth { client_limit = 20000 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 20 service_count = 0 vsz_limit = 1 G } service lmtp { executable = lmtp -L inet_listener lmtp { address = 127.0.0.1 port = 24 } process_min_avail = 5 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl_ca = </var/www/example.com-443/ssl/DigiCertCA-2022.crt ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it userdb { driver = passwd } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log } protocol imap { mail_max_userip_connections = 100 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } local_name [1]example.com { ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it } local_name [2]users.example1.com { ssl_cert = </etc/letsencrypt/example1-fullchain.pem ssl_key = # hidden, use -P to show it } We're also using postfix to support this basic sasl username when sending. smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous
References
Visible links
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook?
How do I configure dovecot to support both "username" and " username@mydomain.com"?
Thanks, Alex
On Mon, Aug 4, 2025 at 12:18 PM Alex <mysqlstudent@gmail.com> wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in.
Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what?
We have other users who are using older versions of Outlook and Thunderbird and webmail that still support this login method. How can I support both?
Here is my dovecot info.
2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
OS: Linux 6.12.6-100.fc40.x86_64 x86_64 Fedora release 40 (Forty) btrfs
auth_mechanisms = plain login default_client_limit = 3000 default_process_limit = 4000 default_vsz_limit = 1 G dict { sql = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 209.216.XXX.60, 127.0.0.1 mail_gid = users mail_location = maildir:/home/%u/Maildir mail_max_userip_connections = 100 mail_plugins = " listescape last_login" mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { last_login_dict = proxy::sql last_login_key = # hidden, use -P to show it last_login_precision = ms sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = pop3 imap lmtp service anvil { client_limit = 12003 } service auth-worker { client_limit = 20000 } service auth { client_limit = 20000 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 20 service_count = 0 vsz_limit = 1 G } service lmtp { executable = lmtp -L inet_listener lmtp { address = 127.0.0.1 port = 24 } process_min_avail = 5 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl_ca = </var/www/example.com-443/ssl/DigiCertCA-2022.crt ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it userdb { driver = passwd } protocol lda { info_log_path = /var/log/dovecot-lda.log log_path = /var/log/dovecot-lda-errors.log } protocol imap { mail_max_userip_connections = 100 } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } local_name example.com { ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt ssl_key = # hidden, use -P to show it } local_name users.example1.com { ssl_cert = </etc/letsencrypt/example1-fullchain.pem ssl_key = # hidden, use -P to show it }
We're also using postfix to support this basic sasl username when sending.
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook?
How do I configure dovecot to support both "username" and "[1]username@mydomain.com"? Thanks, Alex On Mon, Aug 4, 2025 at 12:18PM Alex <[2]mysqlstudent@gmail.com> wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use
only usernames without domain when logging in.
Now apparently the new Outlook (1.2025.617.000) no longer supports the
ability to change username for IMAP. Now what?
We have other users who are using older versions of Outlook and
Thunderbird and webmail that still support this login method. How can I
support both?
Here is my dovecot info.
# 2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
# OS: Linux 6.12.6-100.fc40.x86_64 x86_64 Fedora release 40 (Forty)
btrfs
auth_mechanisms = plain login
default_client_limit = 3000
default_process_limit = 4000
default_vsz_limit = 1 G
dict {
sql = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 209.216.XXX.60, 127.0.0.1
mail_gid = users
mail_location = maildir:/home/%u/Maildir
mail_max_userip_connections = 100
mail_plugins = " listescape last_login"
mail_privileged_group = mail
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
plugin {
last_login_dict = proxy::sql
last_login_key = # hidden, use -P to show it
last_login_precision = ms
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = pop3 imap lmtp
service anvil {
client_limit = 12003
}
service auth-worker {
client_limit = 20000
}
service auth {
client_limit = 20000
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
process_min_avail = 20
service_count = 0
vsz_limit = 1 G
}
service lmtp {
executable = lmtp -L
inet_listener lmtp {
address = 127.0.0.1
port = 24
}
process_min_avail = 5
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl_ca = </var/www/example.com-443/ssl/DigiCertCA-2022.crt
ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt
ssl_key = # hidden, use -P to show it
userdb {
driver = passwd
}
protocol lda {
info_log_path = /var/log/dovecot-lda.log
log_path = /var/log/dovecot-lda-errors.log
}
protocol imap {
mail_max_userip_connections = 100
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
local_name [3]example.com {
ssl_cert = </var/www/example.com-443/ssl/example-combined-2025.crt
ssl_key = # hidden, use -P to show it
}
local_name [4]users.example1.com {
ssl_cert = </etc/letsencrypt/example1-fullchain.pem
ssl_key = # hidden, use -P to show it
}
We're also using postfix to support this basic sasl username when
sending.
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymousReferences
Visible links
- mailto:username@mydomain.com
- mailto:mysqlstudent@gmail.com
- http://example.com/
- http://users.example1.com/
On 12/08/2025 08:21, Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook?
Hi Alex.
Sorry I know it isn't the answer you're hoping for, but my tip would be avoid New Outlook altogether.
I was horrified to find that New Outlook uses a cloud service to download emails, which I discovered because I use geo-blocking on IMAP access, and New Outlook wasn't able to connect. It turns out that the Outlook New client (that was running within my network) was attempting to download the emails from a different country. Makes you wonder what Microsoft are doing with your emails doesn't it?
I haven't read the fine-print on New Outlook license terms and conditions, but for me this was a show-stopper. The whole reason I run my own email server is to maintain sovereignty over my data.
Nick.
On 2025-08-12 01:11, Nick Tait via dovecot wrote:
On 12/08/2025 08:21, Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook?
Hi Alex.
Sorry I know it isn't the answer you're hoping for, but my tip would be avoid New Outlook altogether.
I was horrified to find that New Outlook uses a cloud service to download emails, which I discovered because I use geo-blocking on IMAP access, and New Outlook wasn't able to connect. It turns out that the Outlook New client (that was running within my network) was attempting to download the emails from a different country. Makes you wonder what Microsoft are doing with your emails doesn't it?
I haven't read the fine-print on New Outlook license terms and conditions, but for me this was a show-stopper. The whole reason I run my own email server is to maintain sovereignty over my data.
Nick.
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Not specific to DoveCot, and a little off topic, but also be aware that MS also has a habit, of trying to use the cloud service for initial email setup, and have had reports that it 'can' fallback to insecure methods as it tries to connect..
-- "Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
604-682-0300 Beautiful British Columbia, Canada
On Mon, Aug 11, 2025 at 11:25 PM Alex via dovecot <dovecot@dovecot.org> wrote:
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook?
You'll probably need 2 passdb/userdb configurations - one for each case. However, if the mail_location definition is the same, then you're gonna face a big trouble finding the emails and serving them. What this tells you is that you should avoid the new Outlook, or go ONLY with what it wants, not both.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On Mon, Aug 11, 2025 at 11:25PM Alex via dovecot <[1]dovecot@dovecot.org> wrote:
Hi, does anyone have any tips or recommendations on my question
involving
support for the new Outlook?You'll probably need 2 passdb/userdb configurations - one for each case. However, if the mail_location definition is the same, then you're gonna face a big trouble finding the emails and serving them. What this tells you is that you should avoid the new Outlook, or go ONLY with what it wants, not both.
Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' -\_(Tu)_/- :-) [How to ask smart questions: [2]http://www.catb.org/~esr/faqs/smart-questions.html]
References
Visible links
- mailto:dovecot@dovecot.org
- http://www.catb.org/~esr/faqs/smart-questions.html
On 2025-08-11 4:21 p.m., Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my question involving support for the new Outlook? How do I configure dovecot to support both "username" and "[1]username@mydomain.com"?
I have not tried it myself, but I believe the following change should work
auth_username_format = %Ln
On 2025-08-11 4:21 p.m., Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my question involving
support for the new Outlook?
How do I configure dovecot to support both "username" and
[1]"[1]username@mydomain.com"?I have not tried it myself, but I believe the following change should work
auth_username_format = %Ln
References
Visible links
- mailto:[1]username@mydomain.com
See: auth_default_realm https://doc.dovecot.org/2.3/settings/core/
On Tue, Aug 12, 2025 at 2:51 PM Oscar del Rio via dovecot < dovecot@dovecot.org> wrote:
On 2025-08-11 4:21 p.m., Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my questioninvolving support for the new Outlook?
How do I configure dovecot to support both "username" and [1]"[1]username@mydomain.com"?I have not tried it myself, but I believe the following change should work
auth_username_format = %Ln
References
Visible links
- mailto:[1]username@mydomain.com
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
See: auth_default_realm[1]https://doc.dovecot.org/2.3/settings/core/ On Tue, Aug 12, 2025 at 2:51PM Oscar del Rio via dovecot <[2]dovecot@dovecot.org> wrote:
On 2025-08-11 4:21 p.m., Alex via dovecot wrote:
Hi, does anyone have any tips or recommendations on my question
involving
support for the new Outlook?
How do I configure dovecot to support both "username" and
[1]"[1][3]username@mydomain.com"?
I have not tried it myself, but I believe the following change should
work
auth_username_format = %Ln
References
Visible links
1. mailto:[1][4]username@mydomain.com
_______________________________________________
dovecot mailing list -- [5]dovecot@dovecot.org
To unsubscribe send an email to [6]dovecot-leave@dovecot.orgReferences
Visible links
- https://doc.dovecot.org/2.3/settings/core/
- mailto:dovecot@dovecot.org
- mailto:username@mydomain.com
- mailto:username@mydomain.com
- mailto:dovecot@dovecot.org
- mailto:dovecot-leave@dovecot.org
On 8/4/25 12:18, Alex via dovecot wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what? We have other users who are using older versions of Outlook and Thunderbird and webmail that still support this login method. How can I support both?
Well you're already pretty much screwed using Outlook, so you will have much bigger problems than this to look forward to. However, 20+ years ago in the process of migrating away from username to username@domain logins in Dovecot, I set up a stored function in MySQL that takes care of this transparently. In the user_query and password_query configurations I query this function. It looks for the presence of '@' and applies a default domain name if it's not present.
This is in constant use here to this day, and it works great.
-Dave-- Dave McGuire, AK4HZ New Kensington, PA
This was my first reaction, though I haven’t built a script to do it.
A — Andrew Sullivan Please excuse my clumbsy thums
On Aug 12, 2025, at 10:42, Dave McGuire via dovecot <dovecot@dovecot.org> wrote:
On 8/4/25 12:18, Alex via dovecot wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what? We have other users who are using older versions of Outlook and Thunderbird and webmail that still support this login method. How can I support both?
Well you're already pretty much screwed using Outlook, so you will have much bigger problems than this to look forward to. However, 20+ years ago in the process of migrating away from username to username@domain logins in Dovecot, I set up a stored function in MySQL that takes care of this transparently. In the user_query and password_query configurations I query this function. It looks for the presence of '@' and applies a default domain name if it's not present.
This is in constant use here to this day, and it works great.
-Dave-- Dave McGuire, AK4HZ New Kensington, PA
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
On Mon, Aug 4, 2025 at 7:22 PM Alex via dovecot <dovecot@dovecot.org> wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what?
To "change usernames for IMAP" - what do you mean by that? Usernames are static records.
We have other users who are using older versions of Outlook and
Thunderbird and webmail that still support this login method. How can I support both?
I also don't understand the question.
However, I do understand you need to support MuA's login with either johndoe or johndoe@domain.name. I have a solution for you, but it's based on MySQL/MariaDB. I use Exim (MTA), Dovecot (2.4.1), and SOGo (Groupware/Webmail). It's easy to use the same config with Dovecot 2.3.21. If you are interested, reach out offlist. It should be easy to get going.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On Mon, Aug 4, 2025 at 7:22PM Alex via dovecot <[1]dovecot@dovecot.org> wrote:
Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to
use
only usernames without domain when logging in.
Now apparently the new Outlook (1.2025.617.000) no longer supports
the
ability to change username for IMAP. Now what?To "change usernames for IMAP" - what do you mean by that? Usernames are static records.
We have other users who are using older versions of Outlook and
Thunderbird and webmail that still support this login method. How can
I
support both?I also don't understand the question. However, I do understand you need to support MuA's login with either johndoe or [2]johndoe@domain.name. I have a solution for you, but it's based on MySQL/MariaDB. I use Exim (MTA), Dovecot (2.4.1), and SOGo (Groupware/Webmail). It's easy to use the same config with Dovecot 2.3.21. If you are interested, reach out offlist. It should be easy to get going.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' -\_(Tu)_/- :-) [How to ask smart questions: [3]http://www.catb.org/~esr/faqs/smart-questions.html]
References
Visible links
- mailto:dovecot@dovecot.org
- mailto:johndoe@domain.name
- http://www.catb.org/~esr/faqs/smart-questions.html
On 15/08/25, Odhiambo Washington via dovecot (dovecot@dovecot.org) wrote:
On Mon, Aug 4, 2025 at 7:22PM Alex via dovecot <[1]dovecot@dovecot.org> wrote: Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what? ...
However, I do understand you need to support MuA's login with either johndoe or [2]johndoe@domain.name. I have a solution for you, but it's based on MySQL/MariaDB. I use Exim (MTA), Dovecot (2.4.1), and SOGo (Groupware/Webmail).
Perhaps a crude solution might be to use the auth_default_domain setting.
https://doc.dovecot.org/2.3/settings/core/#core_setting-auth_default_realm
Default realm/domain to use if none was specified. This is used for both
SASL realms and appending @domain to username in plaintext logins.
On Fri, Aug 15, 2025 at 5:39 PM Rory Campbell-Lange <rory@campbell-lange.net> wrote:
On 15/08/25, Odhiambo Washington via dovecot (dovecot@dovecot.org) wrote:
On Mon, Aug 4, 2025 at 7:22PM Alex via dovecot <[1] dovecot@dovecot.org> wrote: Hi, I'm using dovecot-2.3.21 on fedora40 and have configured it to use only usernames without domain when logging in. Now apparently the new Outlook (1.2025.617.000) no longer supports the ability to change username for IMAP. Now what? ...
However, I do understand you need to support MuA's login with either johndoe or [2]johndoe@domain.name. I have a solution for you, but it's based on MySQL/MariaDB. I use Exim (MTA), Dovecot (2.4.1), and SOGo (Groupware/Webmail).
Perhaps a crude solution might be to use the
auth_default_domainsetting.https://doc.dovecot.org/2.3/settings/core/#core_setting-auth_default_realm
Default realm/domain to use if none was specified. This is used for both
SASL realms and appending @domain to username in plaintext logins.
If you only have a single domain name, this should work. The method I am using allows a larger scope. You can loging as user1 or user1@domain1, etc If a user provides just "username" I run a query that tries to match it against domain1, domain, 2, domainM. Whichever matches first is used.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On Fri, Aug 15, 2025 at 5:39PM Rory Campbell-Lange <[1]rory@campbell-lange.net> wrote:
On 15/08/25, Odhiambo Washington via dovecot ([2]dovecot@dovecot.org)
wrote:
> On Mon, Aug 4, 2025 at 7:22PM Alex via dovecot
<[1][3]dovecot@dovecot.org>
> wrote:
> Hi, I'm using dovecot-2.3.21 on fedora40 and have configured
it to
> use only usernames without domain when logging in. Now
apparently the
> new Outlook (1.2025.617.000) no longer supports the ability to
change
> username for IMAP. Now what?
...
> However, I do understand you need to support MuA's login with
either
> johndoe or [2][4]johndoe@domain.name.
> I have a solution for you, but it's based on MySQL/MariaDB.
> I use Exim (MTA), Dovecot (2.4.1), and SOGo (Groupware/Webmail).
Perhaps a crude solution might be to use the `auth_default_domain`
setting.
[5]https://doc.dovecot.org/2.3/settings/core/#core_setting-auth_default_realm
# Default realm/domain to use if none was specified. This is used for
both
# SASL realms and appending @domain to username in plaintext logins.If you only have a single domain name, this should work. The method I am using allows a larger scope. You can loging as user1 or user1@domain1, etc If a user provides just "username" I run a query that tries to match it against domain1, domain, 2, domainM. Whichever matches first is used.
Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' -\_(Tu)_/- :-) [How to ask smart questions: [6]http://www.catb.org/~esr/faqs/smart-questions.html]
References
Visible links
- mailto:rory@campbell-lange.net
- mailto:dovecot@dovecot.org
- mailto:dovecot@dovecot.org
- mailto:johndoe@domain.name
- https://doc.dovecot.org/2.3/settings/core/#core_setting-auth_default_realm
- http://www.catb.org/~esr/faqs/smart-questions.html
On 15/08/25, Odhiambo Washington via dovecot (dovecot@dovecot.org) wrote:
On Fri, Aug 15, 2025 at 5:39PM Rory Campbell-Lange > <rory@campbell-lange.net> wrote:
If you only have a single domain name, this should work. The method I am using allows a larger scope. You can loging as user1 or user1@domain1, etc.
If a user provides just "username" I run a query that tries to match it against domain1, domain, 2, domainM. Whichever matches first is used.
I guess it might be a good idea to force a bare username to have a made up domain, such as example.com, to avoid the case where tom matches a tom in another domain and guesses pass123 is their password.
I've tried to consider that situation in this example: https://github.com/rorycl/dovecot-config/tree/main/two-userdbs
In SQL I guess that might mean doing something like running a query like domain IN (${user|domain}, 'example.com'), and ensuring all domain-less users are given that default domain in the users table.
Rory
If you only have a single domain name, this should work. The method I am using allows a larger scope. You can loging as user1 or user1@domain1, etc.
If a user provides just "username" I run a query that tries to match it against domain1, domain, 2, domainM. Whichever matches first is used.
I guess it might be a good idea to force a bare username to have a made up domain, such as example.com, to avoid the case where tom matches a tom in another domain and guesses pass123 is their password.
I've tried to consider that situation in this example: https://github.com/rorycl/dovecot-config/tree/main/two-userdbs
In SQL I guess that might mean doing something like running a query like
domain IN (${user|domain}, 'example.com'), and ensuring all domain-less users are given that default domain in the users table.
This looks like an interesting solution. I'm unsure how your two-userdbs code would make this work, though? Do you have specific instructions on how I might be able to do this?
Odhiambo, I'm also interested in your offer from above. Are you able to send me the code/ideas you referenced?
Thanks, Alex
Rory
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
> If you only have a single domain name, this should work. The method I
am
> using allows a larger scope. You can loging as user1 or user1@domain1,
etc.
>
> If a user provides just "username" I run a query that tries to match
it
> against domain1, domain, 2, domainM. Whichever matches first is used.
I guess it might be a good idea to force a bare username to have a made
up domain, such as [1]example.com, to avoid the case where tom matches a
tom in another domain and guesses pass123 is their password.
I've tried to consider that situation in this example:
[2]https://github.com/rorycl/dovecot-config/tree/main/two-userdbs
In SQL I guess that might mean doing something like running a query like
`domain IN (${user|domain}, '[3]example.com')`, and ensuring all
domain-less users are given that default domain in the users table.This looks like an interesting solution. I'm unsure how your two-userdbs code would make this work, though? Do you have specific instructions on how I might be able to do this? Odhiambo, I'm also interested in your offer from above. Are you able to send me the code/ideas you referenced? Thanks, Alex
Rory
_______________________________________________
dovecot mailing list -- [4]dovecot@dovecot.org
To unsubscribe send an email to [5]dovecot-leave@dovecot.orgReferences
Visible links
- http://example.com/
- https://github.com/rorycl/dovecot-config/tree/main/two-userdbs
- http://example.com/
- mailto:dovecot@dovecot.org
- mailto:dovecot-leave@dovecot.org
On 26/08/25, Alex (mysqlstudent@gmail.com) wrote:
If you only have a single domain name, this should work. The method I am using allows a larger scope. You can loging as user1 or user1@domain1, etc.
If a user provides just "username" I run a query that tries to match it against domain1, domain, 2, domainM. Whichever matches first is used.
I guess it might be a good idea to force a bare username to have a made up domain, such as example.com, to avoid the case where tom matches a tom in another domain and guesses pass123 is their password.
I've tried to consider that situation in this example: https://github.com/rorycl/dovecot-config/tree/main/two-userdbs
In SQL I guess that might mean doing something like running a query like
domain IN (${user|domain}, 'example.com'), and ensuring all domain-less users are given that default domain in the users table.This looks like an interesting solution. I'm unsure how your two-userdbs code would make this work, though? Do you have specific instructions on how I might be able to do this?
Odhiambo, I'm also interested in your offer from above. Are you able to send me the code/ideas you referenced?
I've implemented a couple of arrangements that might be of interest (using passwd files) at https://github.com/rorycl/dovecot-config#examples
The two-userdbs example is an example of using separate user databases.
The no-domain example might be helpful separately; it's an example of using the same user database for domain-less and domain qualified users.
You can run these easily with Docker. I'd be grateful to know what you and Odhiambo think.
Regards, Rory
participants (9)
-
Alex
-
Andrew Sullivan
-
Dave McGuire
-
Greg Sloop <gregs@sloop.net>
-
Michael Peddemors
-
Nick Tait
-
Odhiambo Washington
-
Oscar del Rio
-
Rory Campbell-Lange