Why would dovecot not be answering
I am really lost as to why dovecot is not authenticating
I have
smtpd_sasl_type = dovecot
in main.cf
and
# Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } in /etc/dovecot/conf.d/10-master.conf
I want it to authenticate on submition only
Everything I read says this should do it, but I am up against a wall. I have no debugging information or log at all to confirm what postfix is doing.
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
Good question. This looks like a unix socket set up for dovecot to provide authentication services to postfix and anyways postfix would be listening on TCP port 587 for authenticated mail submission. Normally you do not want to offer any user authentication or login on port 25, but that is all set up and specified explicitly in /etc/postfix/main.cf and /etc/postfix/master.cf.
Of course you do need user authentication for dovecot itself to offer IMAP and/or POP services for users to fetch or read their email.
I can't get really get on the postfix mailing list myself, or sort through all that volume. There's an unsolicited bulk email industry in control of everything.
On January 22, 2022 7:05:04 PM AKST, Ruben Safir ruben@mrbrklyn.com wrote:
I am really lost as to why dovecot is not authenticating
I have
smtpd_sasl_type = dovecot
in main.cf
and
# Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } in /etc/dovecot/conf.d/10-master.conf
I want it to authenticate on submition only
Everything I read says this should do it, but I am up against a wall. I have no debugging information or log at all to confirm what postfix is doing.
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Sun, Jan 23, 2022 at 10:19:22AM +0100, Markus Winkler wrote:
Hi Ruben,
On 23.01.22 05:05, Ruben Safir wrote:
smtpd_sasl_type = dovecot
in main.cf
if not already there, please add the following to /etc/postfix/main.cf:
smtpd_sasl_path = private/auth
That is there smtp_sasl_auth_enable = no smtp_sasl_security_options = smtp_sasl_password_maps = smtpd_sasl_type = dovecot smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth
HTH and regards, Markus
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
Oh, as I read this just now:
On 23.01.22 05:05, Ruben Safir wrote:
I want it to authenticate on submition only ---------------^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
you should remove all
smtpd_sasl_*
from /etc/postfix/main.cf, including the smtpd_sasl_path = private/auth from my former mail.
Instead you should put all that in /etc/postfix/master.cf and have something like this:
submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o broken_sasl_auth_clients=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_relay_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_helo_required=no -o smtpd_helo_restrictions=
If it still doesn't work, then please provide the output of
- postconf -n
- postconf -M
Regards, Markus
On Sun, Jan 23, 2022 at 11:15:46AM +0100, Markus Winkler wrote:
Oh, as I read this just now:
On 23.01.22 05:05, Ruben Safir wrote:
I want it to authenticate on submition only ---------------^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
you should remove all
smtpd_sasl_*
from /etc/postfix/main.cf, including the smtpd_sasl_path = private/auth from my former mail.
Instead you should put all that in /etc/postfix/master.cf and have something like this:
submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o broken_sasl_auth_clients=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_relay_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_helo_required=no -o smtpd_helo_restrictions=
If it still doesn't work, then please provide the output of
- postconf -n
- postconf -M
OK - I will try this.
Regards, Markus
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
participants (3)
-
justina colmena ~biz
-
Markus Winkler
-
Ruben Safir