[Dovecot] unknown users
Firma Averlon
info at averlon.net
Thu Jan 10 06:53:37 EET 2013
Hi,
I know that the ldap query does not return the result I expected.
Question is why.
Question is why does doevcot look at ldap with the recipients e-Mail
address. What does dovecot look for?
Yes, I know, it is a password request. But why look for a password for
the recipients e-Mail address user?
Since I have static userdb the mailbox to deliver to is defined.
I agree, since the delivery mailbox has "%n" as part of the path, the
"uid" must get looked up somewhere, probably via ldap. But how to
configure this.
+++
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-35-generic x86_64 Ubuntu 12.04.1 LTS
auth_debug = yes
auth_mechanisms = plain login cram-md5
auth_username_format = %Lu
hostname = mail.av.loc
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocols = imap pop3 sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/dovecot.pem
syslog_facility = avdove
userdb {
args = uid=vmail gid=vmail home=/home/vmail/%n
driver = static
}
protocol lda {
mail_plugins = " sieve"
sendmail_path = /usr/sbin/sendmail
}
+++
In addition to my info before, here is my ldap file.
+++
hosts = localhost
dn = cn=aadmin,dc=averlon,dc=loc
#dnpass =
sasl_bind = no
auth_bind = no
ldap_version = 3
base = ou=user,dc=averlon,dc=loc
scope = onelevel
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,
=mail=/home/vmail/%n/Maildir/
user_filter = (&(objectClass=posixAccount)(uid=%u))
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
default_pass_scheme = MD5-CRYPT
+++
I have switched off
"smtpd_tls_loglevel = 2"
Be ensured I have looked at the ldap page - but I am currently lost
where to configure what.
Regards
Karl-Heinz Fischbach
Am 08.01.2013 01:11, schrieb /dev/rob0:
> On Mon, Jan 07, 2013 at 08:00:37PM +0100, Averlon wrote:
>> can anyone tell me where these "unknown users" come from.
>> Jan 7 19:43:11 f42252se postfix/pipe[14632]: 9A86C30007C:
>> to=<redmine at averlon.loc>, relay=spamassassin, delay=2.2,
>> delays=0.05/0/0/2.1, dsn=2.0.0, status=sent (delivered via
>> spamassassin service)
>> Jan 7 19:43:11 f42252se postfix/qmgr[14561]: 9A86C30007C: removed
> The original message is successfully delivered to your content
> filter.
>
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug: master in:
>> USER#0111#011redmine at averlon.loc#011service=lda
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug:
>> ldap(redmine at averlon.loc): pass search:
>> base=ou=user,dc=averlon,dc=loc scope=onelevel
>> filter=(&(objectClass=posixAccount)(uid=redmine at averlon.loc))
>> fields=uid,userPassword
> Here's one of your LDAP queries.
>
>> Jan 7 19:43:11 f42252se dovecot: auth: ldap(redmine at averlon.loc):
>> *unknown user*
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug: master out: NOTFOUND#0111
>> Jan 7 19:43:11 f42252se postfix/pipe[14637]: BE0AC30007F:
>> to=<redmine at averlon.loc>, relay=dovecot, delay=0.02, delays=0/0/0/0.01,
>> dsn=5.1.1, status=bounced (user unknown)
> The content filter reinjects via sendmail(1), and the pipe(8) to the
> Dovecot LDA fails. Your LDAP query is not returning what you expect,
> or you're not querying for the right thing.
>
>> Jan 7 19:43:11 f42252se postfix/cleanup[14631]: C279030007E:
>> message-id=<20130107184311.C279030007E at mail.av.loc>
>> Jan 7 19:43:11 f42252se postfix/qmgr[14561]: C279030007E: from=<>,
>> size=3182, nrcpt=1 (queue active)
>> Jan 7 19:43:11 f42252se postfix/bounce[14639]: BE0AC30007F: sender
>> non-delivery notification: C279030007E
>> Jan 7 19:43:11 f42252se postfix/qmgr[14561]: BE0AC30007F: removed
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug: master in:
>> USER#0111#011avadmin at av.loc#011service=lda
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug: ldap(avadmin at av.loc):
>> pass search: base=ou=user,dc=averlon,dc=loc scope=onelevel
>> filter=(&(objectClass=posixAccount)(uid=avadmin at av.loc))
>> fields=uid,userPassword
> There's another one of your queries, looking up the sender address
> for delivery of the bounce.
>
>> Jan 7 19:43:11 f42252se dovecot: auth: ldap(avadmin at av.loc): *unknown user*
>> Jan 7 19:43:11 f42252se dovecot: auth: Debug: master out: NOTFOUND#0111
>> Jan 7 19:43:11 f42252se postfix/pipe[14637]: C279030007E:
>> to=<avadmin at av.loc>, relay=dovecot, delay=0.01, delays=0/0/0/0.01,
>> dsn=5.1.1, status=bounced (user unknown)
>> Jan 7 19:43:11 f42252se postfix/qmgr[14561]: C279030007E: removed
> Same thing happens to the bounce. Being undeliverable, your mail is
> gone.
>
>> +++
>> Tell me what you need as additional info.
> Turn off verbose logging in Postfix, as Charles pointed out. I guess
> it's only the TLS logging that you have made verbose.
>
> Review the Dovecot wiki / wiki2 (you didn't say what version you are
> using?) page on LDAP.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3883 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130110/99d7cd46/attachment.bin>
More information about the dovecot
mailing list