Fwd: dovecot and postfix, authentication issue
On 6/7/23 20:49, joe a wrote:
On 7/6/2023 8:12 AM, jeremy ardley via dovecot wrote:
On 6/7/23 19:15, joe a wrote:
If your example was meant to show the correct way, I cannot see any difference between that and what my posted config shows other than the sequential (contiguous?) in your example.
Perhaps try the different configuration out? Or even better, stick to one auithentication method only.
Jeremy
Sorry, not to appear dense or argumentative, but I did not see any difference in your example, vs what exists, other than that in your example they are grouped together.
Is that what you suggest I try, or are my aging eyes and brain missing something there?
How about just using PAM?
In dovecot.conf :
auth_mechanisms = plain login
passdb { driver = pam }
userdb { driver = passwd }
This will then call pam whose config is mainly determined by
cat /etc/pam.d/dovecot #%PAM-1.0
#auth required pam_faillock.so preauth silent audit #auth [default=die] pam_faillock.so authfail audit
@include common-auth @include common-account @include common-session
Assuming the pam config is defaults then you will get pam authenticating local users against the local (unix) passwd file. In turn this will authenticate dovecot users and then postfix users
This may sound complex but it's pretty standard to have postfix --> dovecot --> pam --> unix_local
On 7/6/2023 9:34 AM, jeremy ardley via dovecot wrote:
On 6/7/23 20:49, joe a wrote:
On 7/6/2023 8:12 AM, jeremy ardley via dovecot wrote:
On 6/7/23 19:15, joe a wrote:
If your example was meant to show the correct way, I cannot see any difference between that and what my posted config shows other than the sequential (contiguous?) in your example.
Perhaps try the different configuration out? Or even better, stick to one auithentication method only.
Jeremy
Sorry, not to appear dense or argumentative, but I did not see any difference in your example, vs what exists, other than that in your example they are grouped together.
Is that what you suggest I try, or are my aging eyes and brain missing something there?
How about just using PAM?
In dovecot.conf :
auth_mechanisms = plain login
passdb { driver = pam }
userdb { driver = passwd }
This will then call pam whose config is mainly determined by
cat /etc/pam.d/dovecot #%PAM-1.0
#auth required pam_faillock.so preauth silent audit #auth [default=die] pam_faillock.so authfail audit
@include common-auth @include common-account @include common-session
Assuming the pam config is defaults then you will get pam authenticating local users against the local (unix) passwd file. In turn this will authenticate dovecot users and then postfix users
This may sound complex but it's pretty standard to have postfix --> dovecot --> pam --> unix_local
No help. That way I cannot connect with any user getting "unknown user"
With the original configuration var/log/dovecot-info.log indicats no attempt by postfix for those users that fail. It shows connection dialog for those users that succeed.
I'll be taking a few hours break now,
On 7/6/2023 10:30 AM, joe a wrote:
On 7/6/2023 9:34 AM, jeremy ardley via dovecot wrote:
On 6/7/23 20:49, joe a wrote:
On 7/6/2023 8:12 AM, jeremy ardley via dovecot wrote:
On 6/7/23 19:15, joe a wrote:
If your example was meant to show the correct way, I cannot see any difference between that and what my posted config shows other than the sequential (contiguous?) in your example.
Perhaps try the different configuration out? Or even better, stick to one auithentication method only.
Jeremy
Sorry, not to appear dense or argumentative, but I did not see any difference in your example, vs what exists, other than that in your example they are grouped together.
Is that what you suggest I try, or are my aging eyes and brain missing something there?
How about just using PAM?
In dovecot.conf :
auth_mechanisms = plain login
passdb { driver = pam }
userdb { driver = passwd }
This will then call pam whose config is mainly determined by
cat /etc/pam.d/dovecot #%PAM-1.0
#auth required pam_faillock.so preauth silent audit #auth [default=die] pam_faillock.so authfail audit
@include common-auth @include common-account @include common-session
Assuming the pam config is defaults then you will get pam authenticating local users against the local (unix) passwd file. In turn this will authenticate dovecot users and then postfix users
This may sound complex but it's pretty standard to have postfix --> dovecot --> pam --> unix_local
No help. That way I cannot connect with any user getting "unknown user"
With the original configuration var/log/dovecot-info.log indicats no attempt by postfix for those users that fail. It shows connection dialog for those users that succeed.
I'll be taking a few hours break now,
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Apparently this needed to be added to /etc/postfix/main.cf
local_recipient_maps =
With that, my test email to each defined user is accepted and delivered.
Thanks for the assistance.
joe a.
participants (2)
-
jeremy ardley
-
joe a