Fwd: Re: auth with entire email addr instead of just username

Cliff Hayes chayes at afo.net
Thu Oct 2 21:03:59 UTC 2014

Good point.
But when I try to add a user with the "user at domain" format using the 
useradd command I get error...
useradd: invalid user name 'user at domain.com'
Does this mean it's time to switch to database auth?

Here is output you requested:

# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.29.2.el6.x86_64 x86_64 Scientific Linux release 
6.5 (Carbon)
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
auth_verbose_passwords = plain
mail_access_groups = mail
mail_debug = yes
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
namespace {
   hidden = no
   inbox = yes
   list = yes
   location =
   prefix =
   separator = .
   subscriptions = yes
   type = private
passdb {
   driver = pam
protocols = imap
ssl_ca = </etc/pki/dovecot/certs/intermediate.crt
ssl_cert = </etc/pki/dovecot/certs/avalon20140929.crt
ssl_key = </etc/pki/dovecot/private/avalon20140929.key
userdb {
   driver = passwd
verbose_ssl = yes
protocol imap {
   imap_id_log = *

-------- Original Message --------
From: 	- Thu Oct 02 15:19:41 2014
X-Account-Key: 	account6
X-UIDL: 	00046c9947d56bfd
X-Mozilla-Status: 	0011
X-Mozilla-Status2: 	00000000
Return-Path: 	<dovecot-bounces at dovecot.org>
Received: 	from nitronium05.afomx.net (wsip-66-210-221-15.pn.at.cox.net 
[]) by sendmail.afo.net (8.14.7/8.14.7) with ESMTP id 
s92KJXqO012885 for <chayes at afo.net>; Thu, 2 Oct 2014 15:19:34 -0500
Received: 	from wursti.dovecot.fi (wursti.dovecot.fi []) 
by nitronium05.afomx.net (8.14.4/8.14.4) with ESMTP id s92KJUjn032312 
for <chayes at afo.net>; Thu, 2 Oct 2014 15:19:31 -0500
Received: 	from wursti.dovecot.fi (localhost.localdomain []) by 
wursti.dovecot.fi (Postfix) with ESMTP id 211FE22373; Thu, 2 Oct 2014 
22:19:24 +0200 (CEST)
X-Spam-Checker-Version: 	SpamAssassin 3.3.1 (2010-03-16) on 
X-Spam-Status: 	No, score=-1.1 required=5.0 tests=BAYES_00,RDNS_NONE 
autolearn=no version=3.3.1
Received: 	from talvi.dovecot.org (unknown []) by 
wursti.dovecot.fi (Postfix) with ESMTP; Thu, 2 Oct 2014 22:19:24 +0200 
Received: 	from [] (localhost []) by 
talvi.dovecot.org (Postfix) with ESMTP id 44D7D235EA; Thu, 2 Oct 2014 
20:19:44 +0000 (UTC)
X-Original-To: 	dovecot at dovecot.org
Delivered-To: 	dovecot at dovecot.org
Received: 	by talvi.dovecot.org (Postfix, from userid 506) id 
A9CBD235F0; Thu, 2 Oct 2014 20:19:42 +0000 (UTC)
Received: 	from mail.thelounge.net (unknown []) by 
talvi.dovecot.org (Postfix) with ESMTPS id 4DC95234B4 for 
<dovecot at dovecot.org>; Thu, 2 Oct 2014 20:19:42 +0000 (UTC)
Message-ID: 	<542DB349.4080704 at thelounge.net>
Date: 	Thu, 02 Oct 2014 22:19:21 +0200
From: 	Reindl Harald <h.reindl at thelounge.net>
Organization: 	the lounge interactive design
User-Agent: 	Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 
MIME-Version: 	1.0
To: 	dovecot at dovecot.org
Subject: 	Re: auth with entire email addr instead of just username
References: 	<542DB200.40809 at afo.net>
In-Reply-To: 	<542DB200.40809 at afo.net>
OpenPGP: 	id=7F780279; 
Content-Type: 	multipart/signed; micalg=pgp-sha1; 
X-BeenThere: 	dovecot at dovecot.org
X-Mailman-Version: 	2.1.17
Precedence: 	list
Reply-To: 	Dovecot Mailing List <dovecot at dovecot.org>
List-Id: 	Dovecot Mailing List <dovecot.dovecot.org>
List-Unsubscribe: 	<http://dovecot.org/cgi-bin/mailman/options/dovecot>, 
<mailto:dovecot-request at dovecot.org?subject=unsubscribe>
List-Archive: 	<http://dovecot.org/pipermail/dovecot/>
List-Post: 	<mailto:dovecot at dovecot.org>
List-Help: 	<mailto:dovecot-request at dovecot.org?subject=help>
List-Subscribe: 	<http://dovecot.org/cgi-bin/mailman/listinfo/dovecot>, 
<mailto:dovecot-request at dovecot.org?subject=subscribe>
Errors-To: 	dovecot-bounces at dovecot.org
Sender: 	"dovecot" <dovecot-bounces at dovecot.org>
X-Scanned-By: 	MIMEDefang 2.73
X-Scanned-By: 	MIMEDefang 2.75

Am 02.10.2014 um 22:13 schrieb Cliff Hayes:
> I am trying to configure a new IMAP based mail server.
> I thought I had everything correct.
> I have dovecot logging turned up and see that dovecot is processing the entire email address as the username like
> this...
> Oct  2 14:52:20 servername dovecot: auth: Debug: pam(testuser at domain.com, lookup service=dovecot
> ... and of course pam is reporting that as an invalid user.
> Moments ago when all was mbox, authentication worked fine.
> I can see Thunderbird has the username correct (no domain).
> What is tacking on the domain and how do I fix?

output of "dovecot -n" would be in general a good start

* how looks your user database
* if you don't use domain as part of the username what do you do
   in case you get a second domain and names collide
* these days the full qualified mail address as username is common
   and in caes of virtual users you can feed all from the same
   source instead hanlde the localpart special for login-names

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141002/6fe7d6c4/attachment-0001.sig>

More information about the dovecot mailing list