[Dovecot] wrong authentication for local delivery

6 Jan 2013 · *Jan 6 17:31:06 f42252se dovecot: auth: Debug: auth(avadmin,192.168.110.165): username changed avadmin -> avadmin@av.loc*


      Hi all there,
I have a postfix/dovecot environment running with ldap authentication.
I am able to deliver e-Mails to the internet and also receive them via
fetchmail.
I have a pure local domain (av.loc). Just for internal purpuse.
For all mails where destination is a local mailbox, as for all of the
local domain, delivery does not work.
Here I can show some logs of such a process:
+++
Here the process starts (I have sent an e-Mail to myself).
Jan  6 17:31:06 f42252se dovecot: auth: Debug: auth client connected
(pid=13250)
Jan  6 17:31:06 f42252se dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=smtp#011nologin#011lip=192.168.110.150#011rip=192.168.110.165#011secured#011resp=<hidden>
Jan  6 17:31:06 f42252se dovecot: auth: Debug:
ldap(avadmin,192.168.110.165): pass search:
base=ou=user,dc=averlon,dc=loc scope=onelevel
filter=(&(objectClass=posixAccount)(uid=avadmin)) fields=mail,userPassword
*Jan  6 17:31:06 f42252se dovecot: auth: Debug:
auth(avadmin,192.168.110.165): username changed avadmin -> avadmin@av.loc*
Jan  6 17:31:06 f42252se dovecot: auth: Debug:
ldap(avadmin@av.loc,192.168.110.165): result:
userPassword(password)=<hidden> mail(user)=avadmin@av.loc
Jan  6 17:31:06 f42252se dovecot: auth: Debug: client out:
OK#0111#011user=avadmin@av.loc#011mail=/home/vmail/avadmin/Maildir/
Jan  6 17:31:06 f42252se postfix/smtpd[13250]: 69FDB30007C:
client=f42252ud.averlon.loc[192.168.110.165], sasl_method=PLAIN,
sasl_username=avadmin@av.loc
Jan  6 17:31:06 f42252se postfix/cleanup[13251]: 69FDB30007C:
message-id=50E9A6C8.1090805@av.loc
Jan  6 17:31:06 f42252se postfix/qmgr[11960]: 69FDB30007C:
from=avadmin@av.loc, size=1224, nrcpt=1 (queue active)
Jan  6 17:31:06 f42252se postfix/smtpd[13250]: disconnect from
f42252ud.averlon.loc[192.168.110.165]
Jan  6 17:31:09 f42252se postfix/pickup[11959]: 19A2E30007F: uid=5002
from=avadmin@av.loc
Jan  6 17:31:09 f42252se postfix/cleanup[13251]: 19A2E30007F:
message-id=50E9A6C8.1090805@av.loc
Jan  6 17:31:09 f42252se postfix/qmgr[11960]: 19A2E30007F:
from=avadmin@av.loc, size=1531, nrcpt=1 (queue active)
Jan  6 17:31:09 f42252se postfix/pipe[13252]: 69FDB30007C:
to=avadmin@av.loc, relay=spamassassin, delay=2.7, delays=0.01/0/0/2.7,
dsn=2.0.0, status=sent (delivered via spamassassin service)
Jan  6 17:31:09 f42252se postfix/qmgr[11960]: 69FDB30007C: removed
Jan  6 17:31:09 f42252se dovecot: auth: Debug: master in:
USER#0111#011avadmin@av.loc#011service=lda
*Jan  6 17:31:09 f42252se dovecot: auth: Debug: ldap(avadmin@av.loc):
pass search: base=ou=user,dc=averlon,dc=loc scope=onelevel
filter=(&(objectClass=posixAccount)(uid=avadmin@av.loc))
fields=mail,userPassword*
Jan  6 17:31:09 f42252se dovecot: auth: ldap(avadmin@av.loc): unknown user
Jan  6 17:31:09 f42252se dovecot: auth: Debug: master out: NOTFOUND#0111
+++
I have configured my thunderbird to have a username to authenticate
against ldap.
In the first steps above the authentication of the sender works.
But then, when delivering to the receiver, dovecot uses the e-Mail
address of the receiver to check the password.
I do not know why dovecot chechs the password of the receiver before
delivery.
I do neither know where to switch that off or set some changes in the
configuration to avoid that process. Probably it is correct?
But anyhow, the setup ldap-procedure just checks the username and no
e-Mail address.
Dovecot konfig:
+++
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-35-generic x86_64 Ubuntu 12.04.1 LTS
auth_debug = yes
auth_mechanisms = plain login cram-md5
auth_username_format = %Lu
auth_verbose = yes
hostname = mail.av.loc
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocols = imap pop3
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
ssl_cert = 
+++
As always, I would appreciate some hints.
Thanks in advance.
--
Signatur Averlon info
Mit freundlichen Grüßen / Kind Regards
Karl-Heinz Fischbach
Skype: khfischbach
jabber: averlon@jabber.org
Blog: averlon.posterous.com
Signatur:
Diese e-mail ist unter Umständen signiert. Die Signatur entspricht dem
Deutschen Signaturgesetz und entsprechenden europäischen Regelungen.
Important Note:
This e-mail may contain trade secrets or privileged, undisclosed or
otherwise confidential information. If you have received this e-mail in
error, you are hereby notified that any review, copying or distribution
of it is strictly prohibited. Please inform us immediately and destroy
the original transmittal.

Averlon

tags

participants (1)