[Dovecot] Yet another going from 1.2 to 2.X question: authentication
So in 1.2.9 I had something like this:
[...]
socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
# Dovecot as SASL Auth socket listen { client { path = /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix } }
I see I can, per http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL, setup the sasl entry as
# Dovecot as SASL Auth service auth { unix_listener /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix }
what about the lda? From http://wiki2.dovecot.org/LDA I take it would be as simple as
service auth { unix_listener auth-userdb { mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
Am I correct?
On Thu, 2013-09-19 at 00:50 -0400, Mauricio Tavares wrote:
So in 1.2.9 I had something like this:
[...]
socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
# Dovecot as SASL Auth socket listen { client { path = /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix } }
I see I can, per http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL, setup the sasl entry as
# Dovecot as SASL Auth service auth { unix_listener /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix }
what about the lda? From http://wiki2.dovecot.org/LDA I take it would be as simple as
service auth { unix_listener auth-userdb { mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
Am I correct?
Yes, but no need for two service auth's, put them under the one. you might want to also include group= in addition to user, probably wont matter too much if you don't, I cant remember the consequences of not.
On Thu, Sep 19, 2013 at 2:40 AM, Noel Butler <noel.butler@ausics.net> wrote:
On Thu, 2013-09-19 at 00:50 -0400, Mauricio Tavares wrote:
So in 1.2.9 I had something like this:
[...]
socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
# Dovecot as SASL Auth socket listen { client { path = /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix } }
I see I can, per http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL, setup the sasl entry as
# Dovecot as SASL Auth service auth { unix_listener /var/spool/postfix/private/dovecot-auth mode = 0660 user = postfix group = postfix }
what about the lda? From http://wiki2.dovecot.org/LDA I take it would be as simple as
service auth { unix_listener auth-userdb { mode = 0600 user = virtual # User running Dovecot LDA's deliver } }
Am I correct?
Yes, but no need for two service auth's, put them under the one. you might want to also include group= in addition to user, probably wont matter too much if you don't, I cant remember the consequences of not.
Makes sense, so I shall set them up as
/etc/dovecot/conf.d/10-master.conf # http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
service auth { unix_listener auth-userdb { mode = 0600 user = virtual # User running Dovecot LDA's deliver }
# Dovecot as SASL Auth
unix_listener /var/spool/postfix/private/dovecot-auth {
mode = 0660
user = postfix
group = postfix
}
}
Thanks for the help (and sorry for the late reply)! Now as soon as the namespaces make sense to me and I figure out how to get sieve properly configured I can do the upgrade.
On 07/10/2013 14:17, Mauricio Tavares wrote:
Makes sense, so I shall set them up as
/etc/dovecot/conf.d/10-master.conf # http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
service auth { unix_listener auth-userdb { mode = 0600 user = virtual # User running Dovecot LDA's deliver }
# Dovecot as SASL Auth unix_listener /var/spool/postfix/private/dovecot-auth { mode = 0660 user = postfix group = postfix }
}
Looks good to me
Thanks for the help (and sorry for the late reply)! Now as soon as the namespaces make sense to me and I figure out how to get sieve properly configured I can do the upgrade.
hehe, no problems, I wont comment on namespaces since I don't use anything special in that regards, but sieve is easy to configure
service managesieve-login { service_count = 1 process_min_avail = 0 vsz_limit = 64M inet_listener sieve { port = 4190 } }
service managesieve { process_limit = 1024 }
protocol sieve { managesieve_max_line_length = 65536 managesieve_logout_format = bytes=%i/%o managesieve_implementation_string = Dovecot Pigeonhole managesieve_max_compile_errors = 5 mail_max_userip_connections = 10 }
set... in global: protocols = pop3 imap sieve (assuming you use both pop3 and imap)
protocol lda: mail_plugins = $mail_plugins sieve
and in the plugin section, something like sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_vacation_min_period = 1d sieve_vacation_default_period = 7d
...and you're all set
participants (2)
-
Mauricio Tavares
-
Noel Butler