[Dovecot] Hybrid of linux user accounts and virtual user accounts configuration
So some system users have their email forward to Maildir in their /home/user directory (virtual_alias_maps) for their domain . This I have working! And the rest are non-system users, ie virtual users listed in a plain text file and their MailDir will be in /home/vmial/domain.com/user/
The virtual user part is working 100% with postfix and dovecot accepting mail for each virtual alias and system account holders popping in to retrieve their mail.
The second part is working 50%. I have email for virtual users going into /home/vmail/domain.com where they are supposed to go. Now, I am very confused on how to configure dovecot to allow folks without system accounts to login and retrieve their email. I have been going through one guide after another. When I start changing things I break the first working part, the system accounts being able to get their mail. Changes to dovecot.conf to get the second working negatively impact the first.
Also, a lot of documentation is out of date, which further complicates matters.
Postfix/Dovecot: Postfix version: 2.6.6 Dovecot version: 2.0.9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 12 Feb 2014, Derek Winterstien wrote:
The virtual user part is working 100% with postfix and dovecot accepting mail for each virtual alias and system account holders popping in to retrieve their mail.
So that probably means that you've added an userdb for the virtual users. We don't know without doveconf -n output.
The second part is working 50%. I have email for virtual users going into /home/vmail/domain.com?? where they are supposed to go. Now, I am very confused on how to configure dovecot to allow folks without system accounts to login and retrieve their email. I have been going through one guide after another. When I start changing things I break the first working part, the system accounts being able to get their mail. Changes to dovecot.conf to get the second working negatively impact the first.
Add yet another passdb section behind the already existing one, as you've did with the userdb for the virtual users.
This doc is not out-of-date: http://wiki2.dovecot.org/Authentication/MultipleDatabases
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUvyem3D1/YhP6VMHAQIPYAf7BFfI89/heEhgl/N1tsn9KCPdfBPAXnLR JKpCNGHPZqxro1dW5knoGtoeRIsG1AIV9jj8wFjcK59LmJBpPg79iPhDM0beU+Uf cOJ3phKjgLkQkbX0TnwOBcFYbCkzalNcmXO2egef5Bvh1RHtejj0JSM7Dzu5b+FR OV91RI3UFPa0FZFPcSgE6sqxOXRo70uNTdAVKF+0sFGuNHmtK4OfgvWFzPRdDeRT u/c9fzjODHH8PEJAvo7jABt6xqkGul1QcLn/FaDQbILFY2YBisger7AcswTcQlbU +8qzuPwx29spjlr5Iwjz8TjtXks0vbyhlkSn+YwbYS8hlF/2Xg8L3Q== =Lhvh -----END PGP SIGNATURE-----
Hi Derek,
I have done this in reverse order. I used a short howto with users in LDAP. It uses an an LDAP schema called iredmail.schema that lets me create virtual domains and mail users that aren't posix users. I have my posix users under ou=users and my virtual users under ou=domains. Haven't setup mail delivery yet but the lda will need some sort of setuid access to write mail to the user folders.
Hope this helps ...
Murray
On 13 February 2014 11:34:04 AM AWST, Derek Winterstien 14dovecotml@robotz.com wrote:
So some system users have their email forward to Maildir in their /home/user directory (virtual_alias_maps) for their domain >. This I have working! And the rest are non-system users, ie virtual users listed in a plain text file and their MailDir will be in /home/vmial/domain.com/user/
The virtual user part is working 100% with postfix and dovecot accepting mail for each virtual alias and system account holders popping in to retrieve their mail.
The second part is working 50%. I have email for virtual users going into /home/vmail/domain.com > > where they are supposed to go. Now, I am very confused on how to configure dovecot to allow folks without system accounts to login and retrieve their email. I have been going through one guide after another. When I start changing things I break the first working part, the system accounts being able to get their mail. Changes to dovecot.conf to get the second working negatively impact the first.
Also, a lot of documentation is out of date, which further complicates matters.
Postfix/Dovecot: Postfix version: 2.6.6 Dovecot version: 2.0.9
-- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 13 Feb 2014, Murray Trainer wrote:
Haven't setup mail delivery yet but the lda will need some sort of setuid access to write mail to the user folders.
That's one reason I switched to LMTP at last.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUvzdY3D1/YhP6VMHAQLU2Qf/fG7jf1pu64axgR45wm3n5LUc46Wa8IK3 vEfJMlwD9/ri/gCnFZVmV+nEmYMUKAowLfQbIPFY4aFbhjLfHA16B6FTZplpni7+ XppI2JYLHeRZVcE7inc9lxIv1OFyCo1bFE7yw3eTRffLPwA980IxCsNG3u6xlUvt zJmBsfYTvsMHjppxKDWP8f6Mnq0ST3K7ZJMIi3KTixOBDTSX1uIB/0i7LDSuBTqf mvEm9XXrKurF6nJLrnGxLesJDYHFT1eOYTte1FNE0GUpFrhu12XaVOP8XF2TlEMe zkNfKXYfgRgRClOeOfylw2WeJajoGIL9IrHiBw/G2bOlUDpa7qaSFQ== =+wUY -----END PGP SIGNATURE-----
Hello again. I have my virtual users working now. Postfix delivers mail, and dovecot retrieves it for pop and imap users in the virtual user database. Just one more thing though, it is understood that dovecot is going to ask pam to check first for a unix account, which will fail, then dovecot tries the virtual user text file, and succeeds when the user is located. However, the pam error generated in the secure log is ugly.
auth: pam_succeed_if(dovecot:auth): error retrieving information about user foo
I would like to suppress this error, only when dovecot succeeds from the virtual user text file. However, still report the pam error when no valid user exists in either. Is this possible?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 13 Feb 2014, Derek Winterstien wrote:
and dovecot retrieves it for pop and imap users in the virtual user database. Just one more thing though, it is understood that dovecot is going to ask pam to check first for a unix account, which will fail, then dovecot tries the virtual user text file, and succeeds when the user is located. However, the pam error generated in the secure log is ugly.
auth: pam_succeed_if(dovecot:auth): error retrieving information about user foo
I would like to suppress this error, only when dovecot succeeds from the virtual user text file. However, still report the pam error when no valid user exists in either. Is this possible?
change the order of passdb {} sections.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUv3UDXD1/YhP6VMHAQK3uQf+N/Px+8tpuu4KX7kv/ND45h75zCN0/2Vq 28eAdKFeSAsKI0Swq6hWFjoK9+oDB8mGo2sXtsIZwHT54V2cTGcZqxZfptBTvJSF URE9kO7togLgwnzKrnwIfmFHwZkFb/vvphHWYe+/E5v8m8J6rsoGrRCB2+mk47H8 rmvYd2zd7CJmOsesRqOqEhzktDBATrYjJsJnkZ9ILW487M7Br6yZA62w0QqzkL59 nvhYcrP0SQlqr6DBDnv6zrp7Z1v6BgwP5Tsidt/Qi21sTO3W9tFcSbtJ7C6u+cP9 fa/mODX3SD9WJRY23rd7b4awdCQdEjJn7RyL0hKiG4cOH7Xn7PLNOg== =pmmi -----END PGP SIGNATURE-----
participants (3)
-
Derek Winterstien
-
Murray Trainer
-
Steffen Kaiser