authenticate plain, and virtual users

Eric Abrahamsen eric at
Wed Oct 22 04:32:01 UTC 2014

I'm running dovecot 2.2.14 on Archlinux. I've been using it with the
isync syncing utility for quite some time with no problems, using the
LOGIN authentication mechanism. Recently Isync was updated to support
PLAIN, and I'm having trouble moving to that. The authenticate string
that isync is sending is not the one that dovecot is expecting.

I suspect this is because of how I have virtual users set up on my
machine. This is a personal laptop, no other users, and so I didn't want
to go through the rigmarole of creating more system users just for mail
accounts. I also wanted everything stored under my home directory. So my
dovecot config looks like this:

# 2.2.14: /etc/dovecot/dovecot.conf
# OS: Linux 3.16.4-1-ARCH i686  
auth_verbose = yes
disable_plaintext_auth = no
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_plugins = " fts fts_lucene"
passdb {
  args = username_format=%u /etc/dovecot/passwd
  driver = passwd-file
plugin {
  fts = lucene
  fts_autoindex = yes
  fts_lucene = whitespace_chars=@.
protocols = imap
ssl = no
userdb {
  args = uid=eric gid=users home=/home/eric/.mail/%d/%n username_format=%u
  default_fields = mail=maildir:/home/eric/.mail/%d/%n/mail
  driver = static

My /etc/dovecot/passwd looks like this:

eric at{PLAIN}password1
eric at{PLAIN}password2

When isync tries to log into the local dovecot using PLAIN, it sends
the base64-encoded version of this string:

eric at\0eric\0password2

With my current dovecot config, telnet experimentation shows that
dovecot will accept either of these two:

\0eric at\0password2
eric at\0eric at\0password2

Ie, either with or without the authorization ID, just like it says at

Given that I'm unlikely to be able to change how isync sends the string
(and that it's really doing the right thing), are there alterations I
can make to my dovecot config to get it to accept the authenticate
string that isync is sending? Ideally, can I do that without having to
set up system users?

I've already tried using the other fields in the passwd file, putting
"eric" and "eric at" into the UID fields, just in case.
No dice.

Thanks in advance for any advice!


More information about the dovecot mailing list