[Dovecot] 'unknown user' using dovecot LDA
Ok, one more issue to resolve.
The old server was still using the postfix/virtual for delivery, but the new one is using the dovecot LDA.
Now, when an email generated locally by a cron job is delivered, this shows in the log:
2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=<newsrv+rkhunter@example.com>
2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=<20131222152955.C67FD90F676B2@smtp2.example.com>
2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=<newsrv+rkhunter@example.com>, size=1555, nrcpt=1 (queue active)
2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(user1@example.com): unknown user
2013-12-22T10:29:55-05:00 host dovecot: lda(user1@example.com): msgid=<20131222152955.C67FD90F676B2@smtp2.example.com>: saved mail to INBOX
2013-12-22T10:29:55-05:00 host postfix/pipe[22361]: C67FD90F676B2: to=<user1+rkhunter-report@example.com>, relay=dovecot, delay=0.06, delays=0.02/0/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)
2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: removed
The mail was delivered (as the log also clearly shows), but what is with the 'unknown user'?
I'm not sure how I can test my maps with dovecot, but testing with postfix shows:
# postmap -q user1@example.com mysql:/etc/postfix/maps/mysql/vmm.cf
example.com/user1/
Which is correct.
And my dovecot-sql-conf.ext contains:
driver = mysql
connect = "host=localhost dbname=db_name user=dbuser password=password"
default_pass_scheme = CRYPT
password_query = \
  SELECT username AS user, password \
  FROM mailbox WHERE username = '%u'
user_query = \
  SELECT CONCAT('/var/vmail/', maildir) AS home \
  FROM mailbox WHERE username = '%u'
iterate_query = SELECT username AS user FROM mailbox
I confirmed the db info is identical to what postfix is using.
Oh - and in order to make sure that all usernames are lowercased, shouldn't I change '%u' above to '%Lu'?
Appreciate any suggestions on where to go next... thanks
--
Best regards,
*/Charles/*
On 22-12-13 16:43, Charles Marcus wrote:
> Ok, one more issue to resolve.
> The old server was still using the postfix/virtual for delivery, but the new one is using the dovecot LDA.
> Now, when an email generated locally by a cron job is delivered, this shows in the log:
> 2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=<newsrv+rkhunter@example.com>
> 2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=<20131222152955.C67FD90F676B2@smtp2.example.com>
> 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=<newsrv+rkhunter@example.com>, size=1555, nrcpt=1 (queue active)
> 2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(user1@example.com): unknown user
This is an error from the passwd authentication backend, not from the mysql one you're checking below. Seems that you have 2 auth backends enabled in dovecot...
On 2013-12-22 10:49 AM, Tom Hendrikx <tom@whyscream.net> wrote:
> On 22-12-13 16:43, Charles Marcus wrote:
>> 2013-12-22T10:29:55-05:00 host postfix/pickup[31400]: C67FD90F676B2: uid=0 from=<newsrv+rkhunter@example.com>
>> 2013-12-22T10:29:55-05:00 host postfix/cleanup[22349]: C67FD90F676B2: message-id=<20131222152955.C67FD90F676B2@smtp2.example.com>
>> 2013-12-22T10:29:55-05:00 host postfix/qmgr[31401]: C67FD90F676B2: from=<newsrv+rkhunter@example.com>, size=1555, nrcpt=1 (queue active)
>> 2013-12-22T10:29:55-05:00 host dovecot: auth-worker(22365): passwd(user1@example.com): unknown user
> This is an error from the passwd authentication backend, not from the mysql one you're checking below. Seems that you have 2 auth backends enabled in dovecot...
Ah, right you are, thanks!
Missed that (it was staring me in the face) - doveconf -n shows:
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
One thing about dovecot's config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.
Grepping of course will help you find it, but it would be nice if there was some way to simplify this...
Maybe cut down on the number of different config files (ie, combine all of the different auth-* files into one)?
Or maybe a verbose flag you could pass to doveconf -n - ie, 'doveconf -nv' - that would sort the output based on the config file that each group of settings came from, with a comment above each group of settings, ie:
doveconf -nv
...
# from /etc/dovecot/conf.d/auth-system.conf.ext
userdb {
  driver = passwd
}
# from /etc/dovecot/conf.d/auth-sql.conf.ext
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
But, like I said, it isn't all that difficult to find them so not a huge deal.
Anyway, problem solved - thanks again Tom...
--
Best regards,
*/Charles/*
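
An added example, not part of the original thread and not Dovecot's own tooling: one way to get the per-file view wished for above is to scan the config tree for userdb/passdb blocks and print the file each one lives in. The function names list_auth_blocks and make_sample and the sample tree are hypothetical and constructed; the scan reads every *.conf and *.conf.ext file whether or not an !include actually pulls it in, so compare the result with doveconf -n.

```shell
#!/bin/sh
# Added example: show which file defines each userdb/passdb block.

# list_auth_blocks DIR -> one "file<TAB>section<TAB>driver" line per block
list_auth_blocks() {
    find "$1" -type f \( -name '*.conf' -o -name '*.conf.ext' \) | sort |
    while IFS= read -r f; do
        awk -v file="$f" '
            # drop comments (this also hides commented-out blocks), then trim
            { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
            /^(userdb|passdb)[ \t]*[{]/ {
                sect = $1; sub(/[{].*/, "", sect)
                driver = "?"; inblk = 1; next
            }
            inblk && /^driver[ \t]*=/ {
                driver = $0; sub(/^driver[ \t]*=[ \t]*/, "", driver)
            }
            inblk && /^[}]/ {
                printf "%s\t%s\t%s\n", file, sect, driver; inblk = 0
            }
        ' "$f"
    done
}

# Constructed sample tree mirroring the two userdb blocks from doveconf -n
# above, plus a commented-out block that must not be reported.
make_sample() {
    mkdir -p "$1/conf.d"
    printf 'userdb {\n  driver = passwd\n}\n' \
        > "$1/conf.d/auth-system.conf.ext"
    {
        printf '#userdb {\n#  driver = static\n#}\n'
        printf 'passdb {\n  driver = sql\n'
        printf '  args = /etc/dovecot/dovecot-sql.conf.ext\n}\n'
        printf 'userdb {\n  driver = sql\n'
        printf '  args = /etc/dovecot/dovecot-sql.conf.ext\n}\n'
    } > "$1/conf.d/auth-sql.conf.ext"
}

tmp=$(mktemp -d)
make_sample "$tmp"
list_auth_blocks "$tmp"   # on a real host: list_auth_blocks /etc/dovecot
rm -rf "$tmp"
```

Two userdb lines with different drivers in this output are the situation behind the auth-worker passwd(...) 'unknown user' log entry discussed in this thread.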
On 22.12.2013 17:24, Charles Marcus wrote:
> One thing about dovecot's config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.
> Grepping of course will help you find it, but it would be nice if there was some way to simplify this...
> Maybe cut down on the number of different config files
you are free to use only one config file as below and a second one "/etc/dovecot/sql.conf" referred there contains the sensible authentication configuration
hence my RPM-SPEC does not include a single config file
[root@testserver:~]$ cat /etc/dovecot/dovecot.conf
# provided services
protocols = imap pop3

# configure ssl
ssl = yes
ssl_cert = </etc/postfix/certs/localhost.pem
ssl_key = </etc/postfix/certs/localhost.pem
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2
ssl_prefer_server_ciphers = yes
ssl_parameters_regenerate = 0

# configure imap-proxy
service imap-login {
  inet_listener imap {
    address = **.**.**.**
    port = 143
  }
  inet_listener imaps {
    address = **.**.**.**
    port = 993
  }
  vsz_limit = 128M
  service_count = 0
  process_min_avail = 1
  process_limit = 1
  client_limit = 200
}

# configure pop3-proxy
service pop3-login {
  inet_listener pop3 {
    address = **.**.**.**
    port = 110
  }
  inet_listener pop3s {
    address = **.**.**.**
    port = 995
  }
  vsz_limit = 128M
  service_count = 0
  process_min_avail = 1
  process_limit = 1
  client_limit = 200
}

# default settings
imap_capability = IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
login_greeting =
login_log_format_elements = %u %r %m %k
login_log_format = %{login_status}: %s
mail_max_userip_connections = 100
auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN
disable_plaintext_auth = no
shutdown_clients = no
version_ignore = yes

# Logging
syslog_facility = mail

# authentication process
auth_worker_max_count = 50
auth_cache_size = 1024
auth_cache_ttl = 600
auth_cache_negative_ttl = 600
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz

# debug options
auth_debug = no
auth_debug_passwords = no
auth_verbose = no
mail_debug = no
verbose_ssl = no

# configure proxy-database
passdb {
  driver = sql
  args = /etc/dovecot/sql.conf
}

# we are not using local users
userdb {
  driver = static
  args = static uid=10000 gid=10000 home=/dev/null
}

# configure backend for postfix sasl-auth
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
On 2013-12-22 11:29 AM, Reindl Harald <h.reindl@thelounge.net> wrote:
> On 22.12.2013 17:24, Charles Marcus wrote:
>> One thing about dovecot's config I've learned during this process... it is confusing sometimes to determine where any given setting is coming from, given the number of different default config files.
>> Grepping of course will help you find it, but it would be nice if there was some way to simplify this...
>> Maybe cut down on the number of different config files
> you are free to use only one config file as below and a second one "/etc/dovecot/sql.conf" referred there contains the sensible authentication configuration
I know this, and indeed I do this myself. I wasn't talking about your RPM-SPEC file, I was talking about the numerous dovecot config files that are installed in a new default installation.
It is very confusing for people new to dovecot (I didn't have any major problems, because I'm not new, but installing it fresh gave me a new perspective).
--
Best regards,
*/Charles/*
participants (3)
- Charles Marcus
- Reindl Harald
- Tom Hendrikx