First time setting up Director Woes
Jesse C. Smillie
jsmillie at gatewayk12.org
Mon Mar 13 20:21:53 UTC 2017
I'm trying to setup our first director server. Trying to keep the
initial config simple really as just maybe a proof of concept and its
got me pulling my hair out today. Initially I just tried to convert one
of my already running IMAP servers to be a director just to see if I
could do it. I modified the configs as it appeared they needed based on:
https://wiki2.dovecot.org/Director
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
But it didn't work. Kept serving files locally instead of proxing off
to the servers listed.
-----------------------------------------------------------------------------------------------====
Mar 13 15:58:27 fugitoid dovecot: imap-login: Login: user=<makaveli>,
method=PLAIN, rip=10.0.15.114, lip=10.1.12.221, mpid=3022, TLS,
session=<YCCCIqJKmMIKAA9y>
Mar 13 15:58:27 fugitoid dovecot: imap(makaveli): Error: User
initialization failed: Namespace '': mkdir(/home/makaveli/Maildir)
failed: Permission denied (euid=2605(makaveli) egid=1100(<unknown>)
missing +w perm: /home, dir owned by 0:0 mode=0755)
Mar 13 15:58:27 fugitoid dovecot: imap: Error: Invalid user settings.
Refer to server log for more information.
Thinking it was just something with that box (still running Dovecot
2.2.10 as well) I moved on to setup a new Centos7 server and go through
the setup again and initially it was working for a few hours.
-----------------------------------------------------------------------------------------------====
Mar 13 12:19:03 fugitoid dovecot: imap-login: proxy(makaveli): started
proxying to 10.1.12.228:993: user=<makaveli>, method=PLAIN,
rip=10.0.15.114, lip=10.1.12.221, TLS, session=<CzfaEZ9KXgAKAA9y>
Then at some point I got side tracked by a pam error message and when I
came back from working that out Dovecot was trying to authenticate users
locally again. I really feel like I'm missing something here, but for
the life of me I can't figure it out. Any ideas would be welcome. Thanks.
# 2.2.28 (bed8434): /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-514.10.2.el7.x86_64 x86_64 CentOS Linux release
7.3.1611 (Core)
auth_mechanisms = plain login
default_client_limit = 1024
director_mail_servers = 10.1.12.229 10.1.12.228 10.1.12.225
director_servers = 10.1.12.221:9090
mail_fsync = always
mail_nfs_storage = yes
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
passdb {
args = proxy=y nopassword=y ssl=any-cert
driver = static
}
protocols = imap
service director {
fifo_listener login/proxy-notify {
mode = 0666
}
inet_listener {
port = 9090
}
unix_listener director-userdb {
mode = 0600
}
unix_listener login/director {
mode = 0666
}
}
service imap-login {
executable = imap-login director
inet_listener imaps {
port = 993
ssl = yes
}
}
ssl = required
ssl_ca = </etc/GoDaddy_SSL/gd_bundle.crt
ssl_cert = </etc/GoDaddy_SSL/gatewayk12.cert
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key = # hidden, use -P to show it
ssl_protocols = TLSv1 TLSv1.1 TLSv1.2
userdb {
driver = passwd
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jsmillie.vcf
Type: text/x-vcard
Size: 319 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170313/073dfddb/attachment.vcf>
More information about the dovecot
mailing list