user lookup fails username is SHA256 @domain
Hi all,
I'm currently building a replacement personal mailserver on Debian 11 (hopefully upgrade it to 12 and it will continue to work).
My existing personal mailserver is serving a handful of mailboxes for three domains, virtual users, on an older version of Debian.
When I attempt to deliver mail to the server (using swaks) it is accepted by Exim and passed to lda. As per the logs below, the lda is somehow seeing the CRYPT entry as if it was the local part?
Output from syslog:
Jul 16 09:50:02 imap2 dovecot: lda({SHA256-CRYPT}generated-sha@example.domain)<700316><>: Debug: auth-master: userdb lookup({SHA256-CRYPT}generated-sha@example.domain): Started userdb lookup
Jul 16 09:50:02 imap2 dovecot: lda({SHA256-CRYPT}generated-sha@example.domain)<700316><>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb: Connecting
Jul 16 09:50:02 imap2 dovecot: lda({SHA256-CRYPT}generated-sha@example.domain)<700316><>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=700293,uid=0): Client connected (fd=9)
Jul 16 09:50:02 imap2 dovecot: auth: Debug: master in: USER#0111#011{SHA256-CRYPT}generated-sha@example.domain#011service=lda
Jul 16 09:50:02 imap2 dovecot: auth: Username character disallowed by auth_username_chars: 0x7b (username: {SHA256-CRYPT}generated-sha@example.domain)
Jul 16 09:50:02 imap2 dovecot: auth: Debug: userdb out: NOTFOUND#0111
Jul 16 09:50:02 imap2 dovecot: lda({SHA256-CRYPT}generated-sha@example.domain)<700316><>: Debug: auth-master: userdb lookup({SHA256-CRYPT}generated-sha@example.domain): auth USER input:
Jul 16 09:50:02 imap2 dovecot: lda({SHA256-CRYPT}generated-sha@example.domain)<700316><>: Debug: auth-master: userdb lookup({SHA256-CRYPT}generated-sha@example.domain): Userdb lookup failed
Jul 16 09:50:02 imap2 dovecot: lda(700316): Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=700293,uid=0): Disconnected: Connection closed (fd=9)
From what I've read, 0x7b is hex for {, so the "disallowed by auth_username_chars" line is because of this problem.
Doveconf -n output:
# 2.3.20 (80a5ac675d): /etc/dovecot/dovecot.conf
# OS: Linux 5.10.0-21-amd64 x86_64 Debian 11.6
# Hostname: mailserver.fqdn
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
mail_debug = yes
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/vmail/%d/passwd
  driver = passwd-file
}
protocols = " imap"
service auth {
  unix_listener auth-client {
    group = Debian-exim
    mode = 0660
  }
}
service stats {
  unix_listener stats-reader {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener stats-writer {
    group = vmail
    mode = 0660
    user = vmail
  }
}
ssl = required
ssl_cert = </path/to/cert.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_key = # hidden, use -P to show it
userdb {
  args = uid=vmail gid=vmail home=/var/local/vmail/%d/%u
  driver = static
}
Example of line in passwd file:
username:{SHA256-CRYPT}generated-sha
I followed https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/ before posting to ensure I hadn't missed something obvious.
Any thoughts on this would be appreciated.
Thanks
Daniel
Daniel Botting
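
A log check for the symptom in the post above, as an added example that is not part of the original message: it parses the "Username character disallowed" line, decodes the offending byte, and flags usernames that start with a `{SCHEME}` prefix, which means password-field content is reaching the userdb lookup and syslog. The function names and the second sample line are constructed for illustration; the character set is Dovecot's default `auth_username_chars`, which applies here because `doveconf -n` shows no override.

```python
import re

# Dovecot's default auth_username_chars (no override appears in the posted config).
DEFAULT_USERNAME_CHARS = set(
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@"
)

# The auth process line shown in the post: hex byte, then the rejected username.
REJECT_RE = re.compile(
    r"Username character disallowed by auth_username_chars: "
    r"0x([0-9a-fA-F]{2}) \(username: (.*)\)\s*$"
)
# passwd-file password fields may start with a scheme tag such as {SHA256-CRYPT}.
SCHEME_RE = re.compile(r"^\{([A-Za-z0-9.-]+)\}")


def analyse(line, allowed=DEFAULT_USERNAME_CHARS):
    """Return details of a rejected username, or None if the line is unrelated."""
    m = REJECT_RE.search(line)
    if m is None:
        return None
    username = m.group(2)
    scheme = SCHEME_RE.match(username)
    return {
        "bad_char": chr(int(m.group(1), 16)),  # first byte Dovecot objected to
        "username": username,
        "all_disallowed": sorted({c for c in username if c not in allowed}),
        "looks_like_password_field": scheme is not None,
        "scheme": scheme.group(1) if scheme else None,
    }


def scan(lines):
    """Analyse every line and keep only the rejections."""
    return [hit for hit in map(analyse, lines) if hit is not None]


# First two lines are taken from the post; the last one is constructed.
SAMPLE_LOG = [
    "Jul 16 09:50:02 imap2 dovecot: auth: Debug: userdb out: NOTFOUND#0111",
    "Jul 16 09:50:02 imap2 dovecot: auth: Username character disallowed by "
    "auth_username_chars: 0x7b (username: {SHA256-CRYPT}generated-sha@example.domain)",
    "Jul 16 09:51:10 imap2 dovecot: auth: Username character disallowed by "
    "auth_username_chars: 0x20 (username: bob smith@example.domain)",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with `looks_like_password_field` set is worth treating differently from an ordinary typo in an address, since the logged "username" then contains the stored hash.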