Re: [Dovecot] configure lmtp to deliver to email addresses case insensitively
Hi David
I believe RFC822 email addresses are case-insensitive, and (in some
RFC 2821, Page 13, 1st paragraph: "The local-part of a mailbox MUST BE treated as case sensitive. Therefore, SMTP implementations MUST take care to preserve the case of mailbox local-parts. Mailbox domains are not case sensitive. In particular, for some hosts the user "smith" is different from the user "Smith". However, exploiting the case sensitivity of mailbox local-parts impedes interoperability and is discouraged." (http://tools.ietf.org/html/rfc2821#section-2.4)
cases, especially ones where there's just a mail server) it's entirely possible that people remember their account names with some capital letters that aren't in user db. (System knows you as "mrsmithy@mail.domain", while the user may remember the account as "MrSmithy@mail.domain" or "MrsMithy@mail.domain"...). Also, people with
I just want login names to be case sensitive but not email addresses, and in spite of being treated as case insensitive email addresses should retain their case, just like defined and suggested in the RFC.
This reduces support calls because it's con-formant and we have a clear policy: Usernames are always lower case, non-email addresses, the same simple and short name for all our services. There is nothing easier than this. We use this since 17 years and it works without confusion. If a user now spots that suddendly any capitalization of usernames is working when logging in to the webmail, how can I explain that this doesn't work with other services like FTP?
smartphones may not notice that the phone "helpfully" uppercased the first letter of a lowercase user name. Forcing case reduces support calls, which is always a good thing. That's why email addresses should be allowed containing capitalizations. On smartphone people tend to use MUAs and there the username is saved and not entered each and every time, so for the username this is less true, I think.
Back to dovecot: Using LDA as a transport for the dovecot store, it used to work perfectly (with dovecot 1.x). It's just LMTP that spits, because it looks up the local part in the userdb, which is PAM in our case. I won't change PAM to act case insensitive: I'm not in the position to change a common sense in the computing world as it always was. It's enough Microsoft did that and probably just because of that we're having this discussion here...
However, it's maybe best to lowercase the local part in the exim lmtp-transport and leave dovecot's LMTP in peace.
Best regards, Adrian.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 17 Dec 2013, Adrian Zaugg wrote:
RFC 2821, Page 13, 1st paragraph: "The local-part of a mailbox MUST BE treated as case sensitive. Therefore, SMTP implementations
However, it's maybe best to lowercase the local part in the exim lmtp-transport and leave dovecot's LMTP in peace.
that's what I wanted to suggest :)
More or less, it is the duty of the MTA, IMHO.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUrAM2V3r2wJMiz2NAQLscQf9FC88YCmpCib9J2THqZlSUs8ctuf6pD08 VvS4GqU5fujt0rwJkGTvcxk/bSSGhX6onQouL6KJrW7Dp6JDaZaheOYPufLEyK3R oLRR9E+2twGmmJ45lDiqxO9REjwaNrtaINcHk6x+OREf+1Z0xk3juUNtz63TzdoG e2JYxhWaYbotky+Tzj7yQScqXYEfq8isTYTIW9+2rZalPjgUK6JaknOwqVpGrhgG XkE5WlEJJePbUqalhVzKJ+MrRkNUplPtbkEkgOxfraOd6h7H0dyprohQokkFPgbB 5pZ6vdqCDS0epS/hzCedZ5s/onmgpAQlMdyu6Zgz+R/v+jhyn8KZvQ== =/1EB -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 17 Dec 2013, Steffen Kaiser wrote:
However, it's maybe best to lowercase the local part in the exim lmtp-transport and leave dovecot's LMTP in peace.
that's what I wanted to suggest :)
More or less, it is the duty of the MTA, IMHO.
Um, sorry, forgot the link: http://www.gossamer-threads.com/lists/exim/users/4551
that looks promising.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUrANcV3r2wJMiz2NAQI1rQf/Q4Uo1qehJBOEJ3eMkzdyzbAFw2dEOgA0 UYnVLBihEU6Ubta5X/4JiNR6dBWwf+D7w8IKkUfoUUw2HxqpXrrls8Mzl4DJC9DO ID2IABClDAqe+mK75+mjAUb9duaXHwqr3nFKV6iQ1jIqQzEVw+yMXOm2CwTa1+uu JNyy0CoSu7rw+AmsqDMdpN7F+IjgwLHF8qKBGIm0FTfjmlYc3chePjIaD0GjSj9m +aztbs1jnB0PizfCd1jxfsxLIfDRbE1CbrQOhTIWaHLzZnv8YFPIc+d/LD7jtnSl 1k2Beg0LRFXwa2f0p9LwmB52s8yTxOrvwNjNS5wepjRYvArN7ra1HA== =dapR -----END PGP SIGNATURE-----
Hi again
Thanks for helping me on this, especially to Steffen. If you do not need case sensitivity on user names the use of a redirect router in exim to lowercase the local part of the address to deliver works well.
If one wants for whatever reasons to have support for user names, that just differ in its case, you could put more logic in that router to make that work. Since I did not need that, I can't post it here...
So the solution to the problem is:
A) Either:
Configure dovecot auth to lower case user names, which LMTP inherits, by setting auth_username_format = "%Lu"
Co-Effect: authenticating logins with wrongly cased user names do also succeed.
B) Or:
Configure your MTA to do the Job. With exim, add a new router just before local delivery takes place, like this:
lowercase_local: debug_print = "R: lower case local_part for local delivery" driver = redirect redirect_router = local_user data = ${lc:${local_part}}
and proceed with the local_user router:
local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains check_local_user local_parts = ! root transport = dovecot_lmtp cannot_route_message = Unknown user
then add your LMTP transport:
dovecot_lmtp: driver = lmtp socket = /var/run/dovecot/lmtp batch_max = 256 timeout = 2m delivery_date_add
Has just the effect that login names stay case sensitive (if nothing else is set in dovecot by auth_username_format) but not email addresses, and in spite of being treated as case insensitive, email addresses retain their case.
Maybe some one can add this to the wiki under http://wiki2.dovecot.org/LMTP/Exim?highlight=%28LMTP%29#Using_LMTP_over_UNIX... The code there is anyway not very nice by using the manualroute router with: route_data = whatmeworry # required but not useful
Thanks again to everyone for helping.
Regards, Adrian.
Am 17.12.13 09:38 schrieb Steffen Kaiser:
On Tue, 17 Dec 2013, Steffen Kaiser wrote:
However, it's maybe best to lowercase the local part in the exim lmtp-transport and leave dovecot's LMTP in peace.
that's what I wanted to suggest :)
More or less, it is the duty of the MTA, IMHO.
Um, sorry, forgot the link: http://www.gossamer-threads.com/lists/exim/users/4551
that looks promising.
-- Steffen Kaiser
On 18.12.2013, at 3.01, Adrian Zaugg <adi@ente.limmat.ch> wrote:
A) Either:
Configure dovecot auth to lower case user names, which LMTP inherits, by setting auth_username_format = "%Lu"
Co-Effect: authenticating logins with wrongly cased user names do also succeed.
I think this would work as well:
protocol lmtp { auth_username_format = %Lu }
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 18 Dec 2013, Timo Sirainen wrote:
A) Either:
Configure dovecot auth to lower case user names, which LMTP inherits, by setting auth_username_format = "%Lu"
Co-Effect: authenticating logins with wrongly cased user names do also succeed.
I think this would work as well:
protocol lmtp { auth_username_format = %Lu }
(Y) I never thought about the "context"-depended conf file parsing stuff, wow.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUrGZMl3r2wJMiz2NAQKMFwf+Jxw4na2yRy9UQG7Q4KfZkyJXvfZrZNRG xFt+PS5nkVpJV0AbCSx+2AjRxjVm678AV/c9iB8lkCj5PQpnaAE78Rd+h7xKT/it JKpbmJrUHSroztUSKZi/CPG9naOzjdbEit5CqgDwinrCPjYZ6hKzq32n0ItAk252 v79PJp31evMBqncPqKBRNqsnauXCq1aCEyZA4HzVY13tqLD1At+NtRwOUpbn+9uH GO2ve6Eq4yp3Dzq4xAGkqANu5Xd7LSZBL8CTU3BcjK32RG+12F54OZjC2xqqomeQ MLa0Tq9KaChZwBTRm7E0ujA5LF9RCtUMxcK8YwB3jZbARIOsDGXQag== =6B31 -----END PGP SIGNATURE-----
Am 18.12.13 11:33 schrieb Timo Sirainen:
I think this would work as well:
protocol lmtp { auth_username_format = %Lu }
I tried this with dovecot 2.1.7, but it did not work. It may work on a newer dovecot?
Regards, Adrian.
On 18.12.2013, at 16.52, Adrian Zaugg <adi@ente.limmat.ch> wrote:
Am 18.12.13 11:33 schrieb Timo Sirainen:
I think this would work as well:
protocol lmtp { auth_username_format = %Lu }
I tried this with dovecot 2.1.7, but it did not work. It may work on a newer dovecot?
Well, this is already the default setting in v2.1. So what you would really need to do is:
auth_username_format = %u protocol lmtp { auth_username_format = %Lu }
Not sure why it wouldn't otherwise work. auth_debug=yes might show something useful.
I've updated the wiki under:
http://wiki2.dovecot.org/LMTP/Exim
to document the discussed problem. Maybe someone can review this.
Regards, Adrian.
Am 19.12.13 22:59 schrieb Timo Sirainen:
auth_username_format = %u protocol lmtp { auth_username_format = %Lu }
participants (3)
-
Adrian Zaugg
-
Steffen Kaiser
-
Timo Sirainen