[Dovecot] SMTP Auth Issue for non /etc/passwd accounts
Folks - With Dovecot 1.0.7, we're seemingly unable to authenticate users for out-going SMTP access who are not residing directly within the main system passwd/shadow files.
(I.e. the users seeded within our non-system "dovecot" userdbs & passwd files have no "smtp-auth" joy! (Ye olde "Relaying denied. Proper authentication required")
I've mucked around with this from several different angles and clearly saslauthd is the sticking point in terms of "locking-in" on the /etc system files ONLY for smtp-auth. Our defined dovecot user/passwd files are entirely ignored. Can anyone provide a direction regarding the appropriate smtp-auth in-road? Thanks, -M
Regards, M
Timo - As requested. Regards -M
# 1.0.7: /etc/dovecot.conf protocols: imaps pop3s login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_debug: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: mechanisms: plain login verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /etc/dovecot/passwd userdb: driver: passwd-file args: /etc/dovecot/users plugin: quota: fs:User quota:user
Timo Sirainen previously stated:
--=-iPJ6jItww80nCifhvoQO Content-Type: text/plain Content-Transfer-Encoding: quoted-printable
On Fri, 2009-07-17 at 11:50 -0400, Mark R. Baith wrote:
Folks - With Dovecot 1.0.7, we're seemingly unable to authenticate users for out-going SMTP access who are not residing directly within the main system passwd/shadow files.
Post your dovecot -n output.
--=-iPJ6jItww80nCifhvoQO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAkpgqm8ACgkQyUhSUUBViskj3QCdEdMosmmNXPCAcUuYcaS7Wj3V E78An2AF7WxlTjLRNfKq03pya1OZVFdT =ei+R -----END PGP SIGNATURE-----
--=-iPJ6jItww80nCifhvoQO--
--
Mark R. Baith
University of Maryland (UMD) Earth System Science Interdisciplinary Center (ESSIC) mbaith@essic.umd.edu / (301)314.2629
On Fri, 2009-07-17 at 12:47 -0400, markb@essic.umd.edu wrote:
auth default: mechanisms: plain login verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /etc/dovecot/passwd userdb: driver: passwd-file args: /etc/dovecot/users
OK, so you haven't configured anything except passwd-file and you haven't configured any auth sockets either.
Folks - With Dovecot 1.0.7, we're seemingly unable to authenticate users for out-going SMTP access who are not residing directly within the main system passwd/shadow files.
Which means you haven't configured your MTA to authenticate using Dovecot!
You didn't mention what MTA you're using.. If you're using Postfix or Exim, see http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL or http://wiki.dovecot.org/HowTo/EximAndDovecotSASL
Timo - Sorry: We forwarded one of the many dovecot.confs we've been playing with; (that one had auth turned off;)
We're using "sendmail." Here's the auth dovecot.conf;
# 1.0.7: /etc/dovecot.conf protocols: imaps pop3s login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_debug: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: mechanisms: plain login verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /etc/dovecot/passwd userdb: driver: passwd-file args: /etc/dovecot/users socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 plugin: quota: fs:User quota:user
On Fri, July 17, 2009 12:55 pm, Timo Sirainen wrote:
On Fri, 2009-07-17 at 12:47 -0400, markb@essic.umd.edu wrote:
auth default: mechanisms: plain login verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /etc/dovecot/passwd userdb: driver: passwd-file args: /etc/dovecot/users
OK, so you haven't configured anything except passwd-file and you haven't configured any auth sockets either.
Folks - With Dovecot 1.0.7, we're seemingly unable to authenticate users for out-going SMTP access who are not residing directly within the main system passwd/shadow files.
Which means you haven't configured your MTA to authenticate using Dovecot!
You didn't mention what MTA you're using.. If you're using Postfix or Exim, see http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL or http://wiki.dovecot.org/HowTo/EximAndDovecotSASL
-- Mark R. Baith
University of Maryland (UMD) Earth System Science Interdisciplinary Center (ESSIC) mbaith@essic.umd.edu / P:(301)314.2629 / F:(301)405.8648
On Fri, 2009-07-17 at 13:28 -0400, Mark R. Baith wrote:
Timo - Sorry: We forwarded one of the many dovecot.confs we've been playing with; (that one had auth turned off;)
We're using "sendmail." Here's the auth dovecot.conf;
Well, Sendmail doesn't support doing authentication via Dovecot. You'll need to figure out something else. I don't know if Cyrus SASL (which Sendmail uses for auth) supports passwd-like files. I think it doesn't.
participants (3)
-
Mark R. Baith
-
markb@essic.umd.edu
-
Timo Sirainen