Re: LMTP Authentication Error
On 2020-10-07 12:43, Alexander Dalloz wrote:
Am 07.10.2020 um 18:20 schrieb david@mmpcrofton.com:
Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support. Thanks, David Provide a full output of "doveconf -n"? Alexander
Alexandar,
Thanks and here you go.
# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS # Hostname: mmp-mail.mmpcrofton.com base_dir = /var/run/dovecot/ first_valid_uid = 150 login_greeting = Dovecot ready. mail_gid = 150 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 150 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve sieve_dir = /home/mail/rules/%u } protocols = " imap lmtp sieve pop3 sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " sieve" postmaster_address = david@mmpcrofton.com } protocol imap { mail_max_userip_connections = 50 }
Alexander,
Do you see anything wrong in my config?
David
Sent from my iPhone
On Oct 7, 2020, at 18:19, David Morsberger <david@mmpcrofton.com> wrote:
On 2020-10-07 12:43, Alexander Dalloz wrote:
Am 07.10.2020 um 18:20 schrieb david@mmpcrofton.com: Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support. Thanks, David Provide a full output of "doveconf -n"? Alexander
Alexandar,
Thanks and here you go.
# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS # Hostname: mmp-mail.mmpcrofton.com base_dir = /var/run/dovecot/ first_valid_uid = 150 login_greeting = Dovecot ready. mail_gid = 150 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 150 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve sieve_dir = /home/mail/rules/%u } protocols = " imap lmtp sieve pop3 sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " sieve" postmaster_address = david@mmpcrofton.com } protocol imap { mail_max_userip_connections = 50 }
I wish someone could help me. I’m trying to track auth in the lmtp code. Nice code base but I’m having trouble tracking the call stack for the error
Sent from my iPhone
On Oct 9, 2020, at 08:00, David Morsberger <david@mmpcrofton.com> wrote:
Alexander,
Do you see anything wrong in my config?
David
Sent from my iPhone
Am 07.10.2020 um 18:20 schrieb david@mmpcrofton.com: Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support. Thanks, David Provide a full output of "doveconf -n"? Alexander Alexandar, Thanks and here you go. # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS # Hostname: mmp-mail.mmpcrofton.com
On Oct 7, 2020, at 18:19, David Morsberger <david@mmpcrofton.com> wrote: On 2020-10-07 12:43, Alexander Dalloz wrote: base_dir = /var/run/dovecot/ first_valid_uid = 150 login_greeting = Dovecot ready. mail_gid = 150 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 150 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve sieve_dir = /home/mail/rules/%u } protocols = " imap lmtp sieve pop3 sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " sieve" postmaster_address = david@mmpcrofton.com } protocol imap { mail_max_userip_connections = 50 }
On Sat, Oct 10, 2020 at 12:08 PM David Morsberger <david@mmpcrofton.com> wrote:
I wish someone could help me. I’m trying to track auth in the lmtp code. Nice code base but I’m having trouble tracking the call stack for the error
Sent from my iPhone
On Oct 9, 2020, at 08:00, David Morsberger <david@mmpcrofton.com> wrote:
Alexander,
Do you see anything wrong in my config?
David
Sent from my iPhone
Am 07.10.2020 um 18:20 schrieb david@mmpcrofton.com: Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support. Thanks, David Provide a full output of "doveconf -n"? Alexander Alexandar, Thanks and here you go. # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS # Hostname: mmp-mail.mmpcrofton.com
On Oct 7, 2020, at 18:19, David Morsberger <david@mmpcrofton.com> wrote: On 2020-10-07 12:43, Alexander Dalloz wrote: base_dir = /var/run/dovecot/ first_valid_uid = 150 login_greeting = Dovecot ready. mail_gid = 150 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 150 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve sieve_dir = /home/mail/rules/%u } protocols = " imap lmtp sieve pop3 sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " sieve" postmaster_address = david@mmpcrofton.com } protocol imap { mail_max_userip_connections = 50 }
Pretty sure you can set up multiple unix_listener's. What about creating another one, inside the 'service auth' container? It'll need to have unix_listener set to 'auth-userdb' (for dovecot's sake, which probably means that you'll to leave it with default user/group/permissions) with a 'path' of /var/run/dovecot. And then rename the existing one to auth-userdb-postfix (totally arbitrary), though note that that will change the filename of the socket itself, so you'll need to change postfix to use /var/spool/postfix/private/auth/auth-userdb-postfix (i.e. same last component as the argument to 'unix_listener')
So you'd end up with something like:
service auth { unix_listener auth-userdb { path = /var/run/dovecot mode = 0660 (or whatever the default is) user = $dovecot_auth_user_dunno_what group = $dovecot_auth_group_dunno_what } unix_listener auth-userdb-postfix { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } }
And then postfix would have /var/spool/postfix/private/auth/auth-userdb-postfix for its dovecot-related socket
Mark,
Thanks! You pointed me in the right direction.
It works and I always like posting the final solution.
Here is what I have in my 10-master.conf
unix_listener auth-userdb { #group = #mode = 0666 #user = $default_internal_user } unix_listener auth-userdb-postfix { path = /var/spool/postfix/private/auth user = postfix group = postfix mode = 0666 }
Adding what you recommended verbatim created a duplicate auth-userdb error. I think because it was due to the default value with the same path.
The auth section from doveconf:
service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-client { group = mode = 0600 user = $default_internal_user } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } unix_listener token-login/tokenlogin { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B }
On Oct 11, 2020, at 4:10 PM, Mark Moseley <moseleymark@gmail.com> wrote:
On Sat, Oct 10, 2020 at 12:08 PM David Morsberger <david@mmpcrofton.com <mailto:david@mmpcrofton.com>> wrote: I wish someone could help me. I’m trying to track auth in the lmtp code. Nice code base but I’m having trouble tracking the call stack for the error
Sent from my iPhone
On Oct 9, 2020, at 08:00, David Morsberger <david@mmpcrofton.com <mailto:david@mmpcrofton.com>> wrote:
Alexander,
Do you see anything wrong in my config?
David
Sent from my iPhone
Am 07.10.2020 um 18:20 schrieb david@mmpcrofton.com <mailto:david@mmpcrofton.com>: Any ideas on how to resolve the Userdb connect/lookup problem? My users are pinging me on Sieve support. Thanks, David Provide a full output of "doveconf -n"? Alexander Alexandar, Thanks and here you go. # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.4.0-48-generic x86_64 Ubuntu 20.04.1 LTS # Hostname: mmp-mail.mmpcrofton.com <http://mmp-mail.mmpcrofton.com/>
On Oct 7, 2020, at 18:19, David Morsberger <david@mmpcrofton.com <mailto:david@mmpcrofton.com>> wrote: On 2020-10-07 12:43, Alexander Dalloz wrote: base_dir = /var/run/dovecot/ first_valid_uid = 150 login_greeting = Dovecot ready. mail_gid = 150 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 150 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = file:/home/mail/rules/%u/;active=/home/mail/rules/%u/.dovecot.sieve sieve_dir = /home/mail/rules/%u } protocols = " imap lmtp sieve pop3 sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/imap.mmpcrofton.com/fullchain.pem <http://imap.mmpcrofton.com/fullchain.pem> ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol lmtp { mail_plugins = " sieve" postmaster_address = david@mmpcrofton.com <mailto:david@mmpcrofton.com> } protocol imap { mail_max_userip_connections = 50 }
Pretty sure you can set up multiple unix_listener's. What about creating another one, inside the 'service auth' container? It'll need to have unix_listener set to 'auth-userdb' (for dovecot's sake, which probably means that you'll to leave it with default user/group/permissions) with a 'path' of /var/run/dovecot. And then rename the existing one to auth-userdb-postfix (totally arbitrary), though note that that will change the filename of the socket itself, so you'll need to change postfix to use /var/spool/postfix/private/auth/auth-userdb-postfix (i.e. same last component as the argument to 'unix_listener')
So you'd end up with something like:
service auth { unix_listener auth-userdb { path = /var/run/dovecot mode = 0660 (or whatever the default is) user = $dovecot_auth_user_dunno_what group = $dovecot_auth_group_dunno_what } unix_listener auth-userdb-postfix { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } }
And then postfix would have /var/spool/postfix/private/auth/auth-userdb-postfix for its dovecot-related socket
participants (2)
-
David Morsberger
-
Mark Moseley