a temporary failure

Daniel Tröder troeder at univention.de
Tue Jun 23 07:19:03 UTC 2015 

Am 22.06.2015 um 18:21 schrieb lejeczek:
> On 22/06/15 09:16, lejeczek wrote:
>>
>> dear all
>>
>> I have a postfix relaying to dovecot's lda but "strangely" it does not
>> work, I mean I imaging it's me doing something wrong, yet I cannot
>> figure out what.
>>
>> postfix logs:
>>
>> to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot,
>> delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred
>> (temporary failure)
>>
>> and dovecot logs no error, despite having debug to yes in couple of
>> places,
>> it shows:
>>
>> auth: Debug: master in: USER    1    me at my.domain    service=lda
>> auth-worker(25343): Debug: passwd(me at my.domain): lookup
>> auth-worker(25343): passwd(me at my.domain): unknown user
>> auth: Debug: ldap(me at my.domain): user search:
>> base=ou=People,dc=my,dc=domain scope=subtree
>> filter=(&(objectClass=person)(uid=me)) fields=
>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top,
>>
>> ... here  goes the whole lot of ldap atrribs, and at the end:
>>
>> unused.
>>
>> For passdb & userdb in the configs I only configure ldap backed,
>> nothing else. Ldap works, I can query it without failling.
>> I believe it's very simple set up but I must be wrong somewhere.
>>
>>
>> pass_filter = (&(objectClass=posixAccount)(uid=%n))
>> pass_attrs = uid=user=%n,userPassword=password
>>
>> user_attrs =
>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n
>>
>> user_filter = (&(objectClass=person)(uid=%n))
>>
>> Any suggestions very appreciated.
>> thanks
>>
> strange thing is that an IMAP clients authenticates just fine. Only
> problems are when sending messages with smtp/postfix.
I had a similar problem. Turned out, that when the message comes from
Postfix, the identifier is an email address (surprise ;) and not a
username, so my LDAP query looks similar to this:

user_filter = (&(objectClass=person)(|(uid=%u)(email=%u)))

Anyway, when you set auth_verbose=yes and auth_debug=yes,  in
10-logging.conf you'll see the exact LDAP query.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150623/93018071/attachment.sig>

More information about the dovecot mailing list