Issue connecting to dovecot from remote machine
Hi, I've set up a postfix +dovecot configuration on my debian jessie. But I have a connection issue. When I try to connect from thunderbird it doesn not work. When I check out my debug logs I get : auth-worker(22252): Info: pam(myuser,hostIP): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: correctPassword)
Running doveadm auth test tells me I can authenticate with the same password. So I tried connecting via openssl. When I connect from my local host, everything goes fine :
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE] Logged in
But when I run the same thing from my remote laptop, I never get any reply from the imap server. It's as if the request wasn't reaching the server. Although I do get a first reply from the server, I just can't log in.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword
(... and then nothing...)
The port is properly open when I run nmap. I really don't get what's wrong. Any of you has any idea? Here are my versions & conf :
# dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-042stab120.16 x86_64 Debian 8.7 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login cram-md5 auth_verbose = yes auth_verbose_passwords = yes disable_plaintext_auth = no info_log_path = /var/log/maildebug.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = failure_show_msg=yes session=yes dovecot driver = pam } passdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } protocols = " imap" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } ssl = required ssl_cert = </etc/ssl/certs/mailcert.pem ssl_key = </etc/ssl/private/mail.key userdb { driver = passwd } userdb { args = username_format=%u /etc/dovecot/users driver = passwd-file } verbose_ssl = yes
Thanks a lot
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Sat, 18 Feb 2017, Antoine Sirven wrote:
I've set up a postfix +dovecot configuration on my debian jessie. But I have a connection issue. When I try to connect from thunderbird it doesn not work. When I check out my debug logs I get : auth-worker(22252): Info: pam(myuser,hostIP): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: correctPassword)
Running doveadm auth test tells me I can authenticate with the same password. So I tried connecting via openssl. When I connect from my local host, everything goes fine :
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE] Logged in
But when I run the same thing from my remote laptop, I never get any reply from the imap server. It's as if the request wasn't reaching the server. Although I do get a first reply from the server, I just can't log in.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword
(... and then nothing...)
I would:
sniff the connection on the mail server, if there is traffic after sending the login
test if you can log in locally while the remote connection hangs
does PAM performs some IP checks?
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWKqpmnz1H7kL/d9rAQLMCAf8CWN6vjosNYc9YjF7gGtXTLTUjqLon0an fIO/ia+esglLuKLzu1VQ2cBSDcHgUhXscrMVwwf8SZxpK/xGL9FrwYEQf48dGym2 hp/csY5GjR2erDeKJYKQHkcgEpKhK1pveNIbVs5Z50mjHwbAuKIm92uNlxi8SJ08 DI5fNynUwisfcugAyaD3rcmylkDNSwRFaJMqyGGsIlSGBhy/e6rwxGZqpVsYoCk2 Tx6wHWRcg1p48EzqQbH+qpImRJiQhmsvrSDbqAcj0JDQr6ZvNw6ZyCmjniHZrgt3 GtSwupY8Wp3q0RXV+B2D6D12AjJC+vBfDJalS7Bu0cLDIVdSyv/RRQ== =Hw5M -----END PGP SIGNATURE-----
Thanks for your reply Steffen. Well I basically uninstalled everything and started from scratch. it now works just fine. I guess I messed something up along the way the first time. Thanks Antoine
Le 20/02/2017 à 09:32, Steffen Kaiser a écrit :
On Sat, 18 Feb 2017, Antoine Sirven wrote:
I've set up a postfix +dovecot configuration on my debian jessie. But I have a connection issue. When I try to connect from thunderbird it doesn not work. When I check out my debug logs I get : auth-worker(22252): Info: pam(myuser,hostIP): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: correctPassword)
Running doveadm auth test tells me I can authenticate with the same password. So I tried connecting via openssl. When I connect from my local host, everything goes fine :
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE] Logged in
But when I run the same thing from my remote laptop, I never get any reply from the imap server. It's as if the request wasn't reaching the server. Although I do get a first reply from the server, I just can't log in.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready. a login myUser myPassword
(... and then nothing...)
I would:
sniff the connection on the mail server, if there is traffic after sending the login
test if you can log in locally while the remote connection hangs
does PAM performs some IP checks?
-- Steffen Kaiser
participants (2)
-
Antoine Sirven
-
Steffen Kaiser