No AUTH PLAIN with dovecot 2.0.19

Mon Sep 29 18:45:05 UTC 2014

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

thanks very much for your configuration. It seems with dovecot 2.0.19
the configuration has changed quite a bit
and things have been splitted into several files
(http://wiki2.dovecot.org/QuickConfiguration)

sudo grep -rl postfix /etc/dovecot/*
/etc/dovecot/conf.d/10-master.conf
/etc/dovecot/conf.d/01-mail-stack-delivery.conf

and included inside dovecot.conf (!include conf.d/*.conf)

I finally found that auth_debug is inside

/etc/dovecot/conf.d/10-logging.conf

I will turn on the logging and hopefully better understand what is
happening.

Thanks

Michael

Am 29.09.14 16:00, schrieb Reindl Harald:
>
> Am 29.09.2014 um 15:51 schrieb Michael Wechner:
>> Am 29.09.14 15:30, schrieb Reindl Harald:
>>
>>> Am 29.09.2014 um 15:21 schrieb Michael Wechner:
>>>>
>>>> Hi Harald
>>>>
>>>> Thanks very much for your quick reply. Please see my answers inline
below
>>>>
>>>>> telnet is worthless because AUTH is likely announced *after STARTTLS*
>>>>> http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
>>>>
>>>> right, but when requesting for example mail.wyona.com, then I can see
>> AUTH
>>
>>> depends on the servers configuration
>>
>>>> hence I would assume to see it also for the new version of postfix
>>>> and dovecot, or do I misunderstand something?
>>
>>> yes, you did not read
>> http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
>>
>>> if the server is configured in a way it offers AUTH only
>>> over a encrypted channel (recommended) then you need to
>>> use STARTTLS before you see the capability and for that
>>> telnet is just the wrong tool
>>
>> the new server config reads (postfix mail_version = 2.7.0):
>>
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_type = dovecot
>> smtpd_sasl_path = private/dovecot-auth
>> smtpd_sasl_authenticated_header = yes
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_local_domain = $myhostname
>> broken_sasl_auth_clients = yes
>> smtpd_recipient_restrictions = reject_unknown_sender_domain,
>> reject_unknown_recipient_domain, reject_unauth_pipelining,
>> permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
>> smtpd_sender_restrictions = reject_unknown_sender_domain
>
> * check postfix master.cf for chroot - only explicit "n" disabled it
> * check configuration of the private/dovecot-auth (permissions and so on)
> * look at your logs careful
> ____________________________________________________________________
>
> that is my part in dovecot.conf:
>
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>   mode = 0660
>   user = postfix
>   group = postfix
>  }
> }
> ____________________________________________________________________
>
> that's my part in postfix's main.cf:
>
> smtpd_sasl_auth_enable  = yes
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth
> ____________________________________________________________________
>
> well, both are unchanged for a very long time and survived
> a lot of dist-upgrades (Fedora) as well as Dovecot/Postfix
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQEcBAEBCgAGBQJUKaixAAoJECV0ivYw6bPKtjAH/AiMIS4I0+8q8vqJYwzs9Pzr
LgQfe/O9O6HwtL0u63bkZ8SPslxKUxhpl9dmv6HcodfGxHSkaGdlcVS96o6ynjS4
rcWoco6qQ0PsRiJTT1x2IGqO8mPQgH9ovHmI+6ZKAqjWi4S8iFT6G/D6tdtmikME
GqW2p2r0mE4xyn0RwU6IWb+cxEYPq3X/8GuSbQsO3Ux0AcejUBgI1ex9xfHM8xhi
vfxPDNY9M1s/l+lwBiEqAjkwe99cOpuBPr9u9Mg6WS3+fGwa+Di642ZeZAy3SB63
/wYtLProbJ7enHar7t0sEb0/WvpqUvchNunlw3R1KRe/RhMSbxKYY0x4t6WLSGo=
=MLa2
-----END PGP SIGNATURE-----