Dovecot 2.4 migration / passwd authentication
Hello,
I have a problem getting passwd/userdb to work on 2.4. Debian 13 Trixie, Exim4, Dovecot 2.4.0. pop3, lmtp
On a 2.3 system I could use:
passdb {
  driver=passwd-file
  args = /etc/dovecot/passwd
}
userdb {
  driver=static
  args = uid=vmail gid=vmail home=/home/vmail/%u
}
service lmtp {
  unix_listener lmtp {
  }
}
passwd looks like this:
test@onedomain.tlda:{BLF-CRYPT}$2y$05$[encoded]
test@domain.tld:{ARGON2ID}$argon2id$v=19$m=65536,t=3,p=1$[encoded]
test@two-domain.tldb:{ARGON2ID}$argon2id$v=19$m=65536,t=3,p=1$[encoded]
I want to keep the passwd file as is, no extra fields.
mail_uid = vmail
mail_gid = vmail
mail_home = /var/vmail/%{user}
mail_driver = maildir
mail_path = /home/vmail/%{user}/Maildir
pop3_uidl_format = %{guid}
passdb passwd-file {
  driver=passwd-file
}
userdb static {
  driver=static
}
Directory /var/vmail/test@domain.tld exists (empty).
This doesn't work. Error messages:
Exim log - attempt to deliver message:
** test@domain.tld R=dovecot_myrouter_lmtp T=dovecot_transport_lmtp: LMTP error after RCPT TO:<test@domain.tld>: 550 5.1.1 <test@domain.tld> User doesn't exist: test@domain.tld
Dovecot debug log:
master: Info: Dovecot v2.4.1-4 (7d8c0e5759) starting up for pop3, lmtp (core dumps disabled)
auth(info): Info: passwd-file: unknown user - trying the next passdb
lmtp(16933): Debug: Effective uid=0, gid=0, home=/run/dovecot/empty
lmtp(16933): Debug: none: root=/home/vmail/raw-mail-user/Maildir, index=, indexpvt=, control=, inbox=, alt=
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: userdb lookup(test@domain.tld): Started userdb lookup
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb: Connecting
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=16922,uid=0): Client connected (fd=16)
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=16922,uid=0): auth input:
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: userdb lookup(test@domain.tld): auth USER input:
lmtp(test@domain.tld)<16933><[some_string]>: Debug: auth-master: userdb lookup(test@domain.tld): Userdb lookup failed
lmtp(16933): Debug: User session is finished
doveadm user test@domain.tld
field      value
uid        vmail
gid        vmail
home       /home/vmail/test@domain.tld
mail_path  /home/vmail/test@domain.tld/Maildir
How can this be fixed?
Thank you for any help!
John
Does userdb return your user? What does logging with auth_debug=yes say?
John via dovecot wrote on 2025-07-10 20:57:
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Kind regards,
William David Edwards
Yes, the user is found with "doveadm user", output is in the message.
output with auth_debug = yes:
lmtp(18970): Debug: Effective uid=0, gid=0, home=/run/dovecot/empty
lmtp(18970): Debug: none: root=/home/vmail/raw-mail-user/Maildir, index=, indexpvt=, control=, inbox=, alt=
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): Started userdb lookup
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb: Connecting
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=18947,uid=0): Client connected (fd=16)
auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat
auth: Debug: passwd-file /etc/dovecot/passwd:Read 1 users in 0 secs
auth: Debug: conn unix:/run/dovecot/auth-userdb (pid=18970,uid=0): Server accepted connection (fd=19)
auth: Debug: master in: USER 1 test@domain.tld protocol=lmtp
auth(info): Debug: static: Performing userdb lookup
auth(info): Debug: passwd-file: Performing passdb lookup
auth(info): Debug: passwd-file: lookup: user=info file=/etc/dovecot/passwd
auth(info): Debug: passwd-file: Finished passdb lookup
auth(info): Debug: pam: Performing passdb lookup
auth(info): Debug: pam: passdb doesn't support credential lookups
auth(info): Debug: pam: Finished passdb lookup
auth(info): Debug: static: Finished userdb lookup
auth: Debug: userdb out: NOTFOUND 1
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=18947,uid=0): auth input:
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): auth USER input:
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): Userdb lookup failed
lmtp(18970): Debug: User session is finished
On Thursday, July 10th, 2025 at 9:51 PM, William David Edwards via dovecot <dovecot@dovecot.org> wrote:
Does userdb return your user? What does logging with auth_debug=yes say?
I found the cause of the problem. File 20-lmtp.conf (Debian split configuration) contained this section:
protocol lmtp {
  auth_username_format = %{user | username}
}
passdb{} used the prefix from an email address when invoked through lmtp.
Changed this line: auth_username_format = %{user}
This worked and the message is delivered. Thanks for your help William!
The quote below fixes the user name (test).
On Friday, July 11th, 2025 at 5:49 AM, John via dovecot <dovecot@dovecot.org> wrote:
Yes, the user is found with "doveadm user", output is in the message.
output with auth_debug = yes:
lmtp(18970): Debug: Effective uid=0, gid=0, home=/run/dovecot/empty
lmtp(18970): Debug: none: root=/home/vmail/raw-mail-user/Maildir, index=, indexpvt=, control=, inbox=, alt=
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): Started userdb lookup
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb: Connecting
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=18947,uid=0): Client connected (fd=16)
auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat
auth: Debug: passwd-file /etc/dovecot/passwd:Read 1 users in 0 secs
auth: Debug: conn unix:/run/dovecot/auth-userdb (pid=18970,uid=0): Server accepted connection (fd=19)
auth: Debug: master in: USER 1 test@domain.tld protocol=lmtp
auth(info): Debug: static: Performing userdb lookup
auth(info): Debug: passwd-file: Performing passdb lookup
auth(info): Debug: passwd-file: lookup: user=test file=/etc/dovecot/passwd
auth(info): Debug: passwd-file: Finished passdb lookup
auth(info): Debug: pam: Performing passdb lookup
auth(info): Debug: pam: passdb doesn't support credential lookups
auth(info): Debug: pam: Finished passdb lookup
auth(info): Debug: static: Finished userdb lookup
auth: Debug: userdb out: NOTFOUND 1
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=18947,uid=0): auth input:
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): auth USER input:
lmtp(test@domain.tld)<18970><[code]>: Debug: auth-master: userdb lookup(test@domain.tld): Userdb lookup failed
lmtp(18970): Debug: User session is finished
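Added example, not part of the thread and not Dovecot code: a simplified Python model of the mismatch found above, where a protocol-scoped auth_username_format rewrites the LMTP recipient before the passwd-file lookup. The filter table, function names and sample file contents are assumptions constructed for illustration; nested blocks inside a protocol section are not handled.

```python
import re

# Simplified model of Dovecot 2.4 "%{user | filter}" expansion. Only these
# three filters are modelled; everything here is illustrative, not Dovecot code.
FILTERS = {
    "username": lambda s: s.split("@", 1)[0],                   # local part
    "domain": lambda s: s.split("@", 1)[1] if "@" in s else "",
    "lower": str.lower,
}

def expand(fmt, user):
    """Expand each %{user | f1 | f2 ...} template in fmt for one login name."""
    def repl(match):
        value = user
        for name in filter(None, (p.strip() for p in match.group(1).split("|"))):
            value = FILTERS[name](value)
        return value
    return re.sub(r"%\{\s*user\s*((?:\|\s*\w+\s*)*)\}", repl, fmt)

def protocol_overrides(conf):
    """Map protocol -> auth_username_format set in a flat 'protocol X { }' block."""
    found, proto = {}, None
    for line in map(str.strip, conf.splitlines()):
        start = re.fullmatch(r"protocol\s+(\w+)\s*\{", line)
        if start:
            proto = start.group(1)
        elif line == "}":
            proto = None
        elif proto and line.startswith("auth_username_format"):
            found[proto] = line.split("=", 1)[1].strip()
    return found

def passwd_keys(text):
    """Lookup keys of a passwd-file: the field before the first colon."""
    return {l.split(":", 1)[0] for l in text.splitlines() if l.strip() and not l.startswith("#")}

def audit(conf, passwd, recipient):
    """Per protocol: (key that will be looked up, whether the passwd-file has it)."""
    keys = passwd_keys(passwd)
    return {p: (expand(f, recipient), expand(f, recipient) in keys)
            for p, f in protocol_overrides(conf).items()}

# Constructed sample input modelled on the thread (hashes replaced by a placeholder).
CONF = "protocol lmtp {\n  auth_username_format = %{user | username}\n}\n"
PASSWD = "test@onedomain.tlda:{BLF-CRYPT}PLACEHOLDER\ntest@domain.tld:{ARGON2ID}PLACEHOLDER\n"

if __name__ == "__main__":
    print(audit(CONF, PASSWD, "test@domain.tld"))   # broken: domain stripped
    print(audit(CONF.replace(" | username", ""), PASSWD, "test@domain.tld"))
```

With the original 20-lmtp.conf setting the lookup key is the bare local part, which no entry in a passwd-file keyed on full addresses can match; with %{user} the key is the full address.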