[Dovecot] deliver fails - passdb doesn't support lookups?
Hello,
I'm trying to get deliver (the LDA) to function properly. I can get
it to work without doing a user lookup, but for my own sense of
sanity, I want to know what I'm doing wrong getting user lookups
working. (I'm using dovecot 1.0.10).
Here's what I have in the "auth default" section:
auth default {
mechanisms = plain login
passdb ldap {
args= /var/lib/dovecot/dovecot-ldap.conf
}
userdb static {
args = uid=3728 gid=3728 home=/domains/%Ld/%Ln
}
user = vpopmail
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vpopmail
group = vchkpw
}
client {
path = /var/run/dovecot/auth-client
mode = 0660
}
}
}And yet, when I run deliver, I get no warnings, no errors, and most especially, no email delivered. Here's how I call deliver:
cat testemail | setuidgid vpopmail \
/usr/local/libexec/dovecot/deliver \
-d testuser@example.comI tried running deliver within strace, and here's what I found. It opens up the authentication socket and writes:
VERSION\t1\t0\nUSER\t1\ttestuser@example.com\tservice=deliver\nAnd it gets back:
VERSION\t1\t0\nSPID\t10917\nFAIL\t1\n"If I understand the authentication protocol correctly, that means an internal error occurred.
The dovecot log file reports this:
Error: auth(default): static(testuser@example.com): passdb doesn't
support lookups, can't verify user's existencepassdb? I thought it was the userdb that was important! What's going on here?
~Kyle
Men, as an organization, are getting more women than any other group working anywhere in the world. Wherever women are, we have men looking into it. -- Jerry Seinfeld
On Wed, 12 Mar 2008, Kyle Wheeler wrote:
I'm trying to get
deliver(the LDA) to function properly. I can get it to work without doing a user lookup, but for my own sense of sanity, I want to know what I'm doing wrong getting user lookups working. (I'm using dovecot 1.0.10).Here's what I have in the "auth default" section: args = uid=3728 gid=3728 home=/domains/%Ld/%Ln
passdb? I thought it was the userdb that was important! What's going on here?
With a static userdb, dovecot still wants to verify that the user exists with a passdb lookup. If your MTA is configured to verify that the user exists before passing mails to the LDA, you safely tell userdb to disable this check by addding "allow_all_users=yes" to your passdb args.
On Wednesday, March 12 at 11:40 AM, quoth Andrew Roberts:
On Wed, 12 Mar 2008, Kyle Wheeler wrote:
I'm trying to get
deliver(the LDA) to function properly. I can get it to work without doing a user lookup, but for my own sense of sanity, I want to know what I'm doing wrong getting user lookups working. (I'm using dovecot 1.0.10).Here's what I have in the "auth default" section: args = uid=3728 gid=3728 home=/domains/%Ld/%Ln
passdb? I thought it was the userdb that was important! What's going on here?
With a static userdb, dovecot still wants to verify that the user exists
with a passdb lookup. If your MTA is configured to verify that the user
exists before passing mails to the LDA, you safely tell userdb to disable
this check by addding "allow_all_users=yes" to your passdb args.
Ahhh! That makes sense, thank you! Okay, so allow_all_users=yes would make it work... but what if I do want it to check users. What might I have wrong in my ldap settings that would prevent it from looking up users? And what kind of a performance penalty do I pay for making that lookup?
~Kyle
The best way to know God is to love many things. -- Vincent Van Gogh
participants (2)
-
Andrew Roberts
-
Kyle Wheeler