First time setting up Director Woes

Jesse C. Smillie jsmillie at gatewayk12.org
Mon Mar 13 20:21:53 UTC 2017 

I'm trying to setup our first director server.  Trying to keep the 
initial config simple really as just maybe a proof of concept and its 
got me pulling my hair out today.  Initially I just tried to convert one 
of my already running IMAP servers to be a director just to see if I 
could do it.  I modified the configs as it appeared they needed based on:

https://wiki2.dovecot.org/Director
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy

But it didn't work.  Kept serving files locally instead of proxing off 
to the servers listed.
-----------------------------------------------------------------------------------------------====
Mar 13 15:58:27 fugitoid dovecot: imap-login: Login: user=<makaveli>, 
method=PLAIN, rip=10.0.15.114, lip=10.1.12.221, mpid=3022, TLS, 
session=<YCCCIqJKmMIKAA9y>
Mar 13 15:58:27 fugitoid dovecot: imap(makaveli): Error: User 
initialization failed: Namespace '': mkdir(/home/makaveli/Maildir) 
failed: Permission denied (euid=2605(makaveli) egid=1100(<unknown>) 
missing +w perm: /home, dir owned by 0:0 mode=0755)
Mar 13 15:58:27 fugitoid dovecot: imap: Error: Invalid user settings. 
Refer to server log for more information.


Thinking it was just something with that box (still running Dovecot 
2.2.10 as well) I moved on to setup a new Centos7 server and go through 
the setup again and initially it was working for a few hours.
-----------------------------------------------------------------------------------------------====
Mar 13 12:19:03 fugitoid dovecot: imap-login: proxy(makaveli): started 
proxying to 10.1.12.228:993: user=<makaveli>, method=PLAIN, 
rip=10.0.15.114, lip=10.1.12.221, TLS, session=<CzfaEZ9KXgAKAA9y>


Then at some point I got side tracked by a pam error message and when I 
came back from working that out Dovecot was trying to authenticate users 
locally again.  I really feel like I'm missing something here, but for 
the life of me I can't figure it out.  Any ideas would be welcome.  Thanks.





# 2.2.28 (bed8434): /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-514.10.2.el7.x86_64 x86_64 CentOS Linux release 
7.3.1611 (Core)
auth_mechanisms = plain login
default_client_limit = 1024
director_mail_servers = 10.1.12.229 10.1.12.228 10.1.12.225
director_servers = 10.1.12.221:9090
mail_fsync = always
mail_nfs_storage = yes
mbox_write_locks = fcntl
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix =
}
passdb {
   driver = pam
}
passdb {
   args = proxy=y nopassword=y ssl=any-cert
   driver = static
}
protocols = imap
service director {
   fifo_listener login/proxy-notify {
     mode = 0666
   }
   inet_listener {
     port = 9090
   }
   unix_listener director-userdb {
     mode = 0600
   }
   unix_listener login/director {
     mode = 0666
   }
}
service imap-login {
   executable = imap-login director
   inet_listener imaps {
     port = 993
     ssl = yes
   }
}
ssl = required
ssl_ca = </etc/GoDaddy_SSL/gd_bundle.crt
ssl_cert = </etc/GoDaddy_SSL/gatewayk12.cert
ssl_cipher_list = 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key =  # hidden, use -P to show it
ssl_protocols = TLSv1 TLSv1.1 TLSv1.2
userdb {
   driver = passwd
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jsmillie.vcf
Type: text/x-vcard
Size: 319 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170313/073dfddb/attachment.vcf>

More information about the dovecot mailing list