[Dovecot] ACL and SSL
The Doctor
doctor at doctor.nl2k.ab.ca
Mon Nov 19 19:55:56 EET 2012
On Sat, Nov 17, 2012 at 05:23:43PM -0700, Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem wrote:
> Finally got Dovecot to work on ports 100 and 143.
>
> I would like to
>
> a) Learn about ACL esp on port 110 as there are still yodellaks that try
> to break in on port 110.
>
> b) Setting up separate SSL cert for imaps and pop3s.
Found this one out easily, however new issue:
Nov 19 09:21:23 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt=
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755)
Nov 19 09:21:23 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information.
Nov 19 09:21:27 doctor dovecot: pop3-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server, TLS
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt=
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755)
Nov 19 09:21:27 doctor dovecot: POP3(MOEuser):Error: Invalid user settings. Refer to server log for more information.
Nov 19 09:21:35 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt=
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755)
Nov 19 09:21:35 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information.
Nov 19 09:21:48 doctor dovecot: imap-login: Login: user=<MOEuser>, method=PLAIN, rip=208.118.93.81, lip=local mail server
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Effective uid=2618, gid=2991, home=/usr/home/MOEuser
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: fs: root=/usr/home/MOEuser/mail, index=, control=, inbox=/var/mail/MOEuser, alt=
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : /usr/home/MOEuser/mail doesn't exist yet, using default permissions
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Debug: Namespace : Using permissions from /usr/home/MOEuser/mail: mode=0700 gid=-1
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: user MOEuser: Initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/usr/home/MOEuser/mail) failed: Permission denied (euid=2618(MOEuser) egid=2991(sc) missing +w perm: /usr/home/MOEuser, dir owned by 0:2991 mode=0755)
Nov 19 09:21:48 doctor dovecot: IMAP(MOEuser):Error: Invalid user settings. Refer to server log for more information.
The MOEuser stands for Microsoft Outlook Express user.
The credentials were correct, i.e. user/pw, but
Dovecot kept rejecting the user.
I heard similar complaints from M$ Mail, OE, and Outlook users.
doveconf -n
# 2.1.10: /usr/dovecot2/etc/dovecot/dovecot.conf
# OS: BSD/OS 4.3 i386
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
first_valid_uid = 100
listen = [::]
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
mail_debug = yes
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_log_prefix = %Us(%u):
mdbox_rotate_size = 2 k
passdb {
  args = /etc/master.passwd
  driver = passwd-file
}
plugin {
  home = /usr/dovecot2
}
protocols = imap pop3
service auth {
  executable = /usr/dovecot2/libexec/dovecot/auth
  user = root
}
service imap-login {
  chroot = login
  client_limit = 256
  executable = /usr/dovecot2/libexec/dovecot/imap-login
  inet_listener imap {
    address = local mail server
    port = 143
  }
  inet_listener imaps {
    address = local mail server
    port = 993
    ssl = yes
  }
  process_limit = 128
  process_min_avail = 3
  service_count = 1
  user = dovecot
}
service imap {
  executable = /usr/dovecot2/libexec/dovecot/imap
  process_limit = 512
}
service pop3-login {
  chroot = login
  client_limit = 256
  executable = /usr/dovecot2/libexec/dovecot/pop3-login
  inet_listener pop3s {
    address = local mail server
    port = 995
    ssl = yes
  }
  process_limit = 128
  process_min_avail = 3
  service_count = 1
  user = dovecot
}
service pop3 {
  executable = /usr/dovecot2/libexec/dovecot/pop3
  process_limit = 512
}
ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL
ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key
userdb {
  driver = passwd
}
userdb {
  args = /etc/passwd
  driver = passwd-file
}
verbose_ssl = yes
local local mail server {
  protocol imap {
    imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
    imap_idle_notify_interval = 2 mins
    imap_logout_format = bytes=%i/%o
    imap_max_line_length = 64 k
    mail_max_userip_connections = 10
    mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap
    ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt
    ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL
    ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key
    verbose_ssl = yes
  }
}
local local mail server {
  protocol pop3 {
    mail_max_userip_connections = 3
    mail_plugins =
    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
    pop3_enable_last = yes
    pop3_lock_session = yes
    pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
    pop3_no_flag_updates = yes
    pop3_reuse_xuidl = yes
    pop3_save_uidl = no
    pop3_uidl_format = %08Xu%08Xv
    ssl_cert = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.crt
    ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL
    ssl_key = </usr/dovecot2/etc/dovecot/ssl/pop3.nk.ca.key
    verbose_ssl = yes
  }
}
Thunderbird works.
Why are M$ mail clients messing up?
--
Member - Liberal International This is doctor at nl2k.ab.ca Ici doctor at nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising!
http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013