On Tue, 2008-08-19 at 10:05 +0300, Vytenis Sabaliauskas wrote:

I am trying to use the following configuration for testing, but it 

doesn't seem to work (don't laugh :) )

Set auth_debug=yes and look at the logs. But here are some suggestions:

-------8<------------ passdb pam { args = dovecot }

Another possibility could be SQLite with:

password_query = select '%u' as user, null as password, 'y' as nopassword

userdb static { args = uid=0 gid=0 home=/var/mail/empty allow_all_users=yes }

With uid=0 you're telling Dovecot to run the mail process as root. That's not going to work. Use some other uid.

cat /etc/pam.d/dovecot:

#%PAM-1.0

auth required pam_permit.so

I don't know what pam_permit does, but would pam_allow work?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On 2008-08-19, at 0305, Vytenis Sabaliauskas wrote:

Our company has decided to make a fake POP3 (and possibly IMAP)
server, which accepts any user name and password combination and
shows there are no new messages. This is for the purpose that when
our mail cluster passes out, we can redirect our clients to this
server while we fix our mail system. This way we can prevent our
users from getting errors. We are using the latest dovecot server
with Ubuntu (currently), but perhaps will migrate to CentOS (if this
is important)

I am trying to use the following configuration for testing, but ...

it was easier to just throw together a quick script, rather than
configuring dovecot to simulate what you're looking for.

http://qmail.jms1.net/scripts/#fake-pop3

you can run this under daemontools, using "tcpserver" (both of which
are normal djb tools- if you're using qmail you should already have
them on your system.) a "run" script might look like this:

#!/bin/sh PATH=/usr/bin:/bin:/usr/local/bin exec tcpserver -vR 1.2.3.4 110 fake-pop3 2>&1

if you're not using qmail, you may need the links...

daemontools: http://cr.yp.to/daemontools.html tcpserver: http://cr.yp.to/ucspi-tcp.html

you *could* also run it under something like inetd, although i haven't
personally done this- i don't use inetd or xinetd on any of my servers.

===

the other item i should probably mention... i don't recommend you even
think about trying to make an IMAP version of this.

remember that many IMAP clients keep a copy of the server's contents
on their local systems. if one of these clients were to connect and
see what looks like an empty mailbox with no folders, they would
proceed to make their local system "look like" what's on the server...
empty. basically you would end up forcing a bunch of clients to delete
their own local copies of what they have stored on the server.

of course, when the real server comes back, their messages and folders
will "appear" again... but that means the clients will re-download all
of it (which might be a bandwidth or CPU issue, especially for a busy
server where many users keep many messages stored on the server, and
all of them are downloading their entire mailboxes at the same time)
and will probably force the users to re-configure which folders they
do and don't want to be subscribed to.

it's probably easier to just deal with the support calls. IMAP clients
know that if they can't connect to the server, they shouldn't delete
their local copy of the messages and folders...

| John M. Simpson -- KG4ZOW -- Programmer At Large | | http://www.jms1.net/ jms1@jms1.net |

| Hope for America -- http://www.ronpaul2008.com/ |

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAki51qQACgkQj42MmpAUrRprJwCgzzmIFLukVbPgwGp1iASrRpBV 9dEAn1zbLd4Sm6tOaniDT18xiZiYm9dX =3M26 -----END PGP SIGNATURE-----