[Dovecot] Struggle with Postfix/Dovecot-auth and SASL
Hi List,
I just updated an old sendmail installation to a modern postfix/dovecot system with mysql backend. Everything works fine but SMTP-AUTH fails with some clients.
The problem is, that with PLAIN (old) clients send the base64 coded form: USERNAME\0USERNAME\0PASSWORD which, as i understand dovecot interprets as MASTERUSER\0USERNAME\PASSWORD. New clients send \0USERNAME\0PASSWORD which works fine. I don`t like to use masterusers, because then everyone would be able to log in as someone else.
When i don`t have a passdb with master=yes in my dovecot.conf, Dovecot complains auth(default): passdb(XXXX@YYY.TLD,master): Attempted master login with no master passdbs
If i create a passdb with contains everyone, everyone may look into other mailboxes. No good idea.
I cant change the old clients, but for now, i dont know, what i am doing wrong or how to correct it. No real HowTo for my setup on the net, it seems that everyone uses cyrus-sasl.
May anybody help, because i don`t like to switch my setup or use 2 auth daemons.
My System: Debian Etch, postfix (2.3.7-3), dovecot (1.0.rc15-2)
Best wishes,
Ingo Reimann System Manager
ICSmedia GmbH in Münster: Soester Straße 13, 48155 Münster in Dortmund: Mönchenwordt 5, 44137 Dortmund im Internet: http://www.icsmedia.de
Telefon: (0251) 60 60-403 Telefax: (0251) 60 60-190 E-Mail: ingo.reimann@icsmedia.de
Geschäftsführung: Frank Wulf Sitz der Gesellschaft: Münster Amtsgericht: Münster HRB: 46 97
Ingo Reimann wrote:
Hi List,
I just updated an old sendmail installation to a modern postfix/dovecot system with mysql backend. Everything works fine but SMTP-AUTH fails with some clients.
The problem is, that with PLAIN (old) clients send the base64 coded form: USERNAME\0USERNAME\0PASSWORD which, as i understand dovecot interprets as MASTERUSER\0USERNAME\PASSWORD. New clients send \0USERNAME\0PASSWORD which works fine. I don`t like to use masterusers, because then everyone would be able to log in as someone else.
What clients have you found that show this behavior? I'm setting up a Postfix server in this manner myself. Although, since this server is outbound only (dovecot does nothing but auth for smtp), I guess I could work around it by setting up the master user stuff.
When i don`t have a passdb with master=yes in my dovecot.conf, Dovecot complains auth(default): passdb(XXXX@YYY.TLD,master): Attempted master login with no master passdbs
If i create a passdb with contains everyone, everyone may look into other mailboxes. No good idea.
I can
t change the old clients, but for now, i dont know, what i am doing wrong or how to correct it. No real HowTo for my setup on the net, it seems that everyone uses cyrus-sasl.May anybody help, because i don`t like to switch my setup or use 2 auth daemons.
My System: Debian Etch, postfix (2.3.7-3), dovecot (1.0.rc15-2)
Best wishes,
Ingo Reimann System Manager
ICSmedia GmbH in Münster: Soester Straße 13, 48155 Münster in Dortmund: Mönchenwordt 5, 44137 Dortmund im Internet: http://www.icsmedia.de
Telefon: (0251) 60 60-403 Telefax: (0251) 60 60-190 E-Mail: ingo.reimann@icsmedia.de
Geschäftsführung: Frank Wulf Sitz der Gesellschaft: Münster Amtsgericht: Münster HRB: 46 97
On 1.3.2007, at 18.43, Ingo Reimann wrote:
The problem is, that with PLAIN (old) clients send the base64 coded
form: USERNAME\0USERNAME\0PASSWORD which, as i understand dovecot
interprets as MASTERUSER\0USERNAME\PASSWORD. New clients send
\0USERNAME\0PASSWORD which works fine. I don`t like to use
masterusers, because then everyone would be able to log in as
someone else. .. Debian Etch, postfix (2.3.7-3), dovecot (1.0.rc15-2)
This was fixed in rc23.
participants (3)
-
Ingo Reimann
-
Justin McAleer
-
Timo Sirainen