Authentication Problem with dovecot-2.3.0.1
Odhiambo Washington
odhiambo at gmail.com
Wed Mar 7 22:07:15 EET 2018
I am a little confused here.
I have been running 2.2.34 which I installed in /opt/dovecot2.2
I installed 2.3.0.1 to /opt/dovecot23
I then used config files from /opt/dovecot2.2/etc/dovecot to
/opt/dovecot2.3/etc/dovecot and all I did was sed -i.BAK
's/dovecot2.2/dovecot2.3/g'. Dovecot started and was running file.
Next, I manually crafted config files for 2.3.0.1 based on the example
config files provided which diff-ing those with what I had for 2.2.34. I
doub't if I missed something crucial during the process.
1. I realized that I cannot start 2.3.0.1 when I enable submission, since
my Exim MTA is already using that port. This persists even if I tell the
submission protocol to use a different port than 587. I tested 2587, but it
would appear that 587 is hard-coded!
2. I realize that "unix_listener auth-client" service ceased to exist!
3. *I realized that while 2.2.34 runs with default_pass_scheme = MD5-CRYPT,
2.3.0.1 would not run with it.*
4. I have run dovecot -n from my 2.2.x installation and 2.3.x installation
and here is the diff from the two files.
I am confused why authentication is failing with dovecot-2.3.0.1 when it
uses 2.3.x config files using MD5-CRYPT scheme while it is succeeding with
dovecot-2.2.34 using the same.
*Mar 07 22:30:22 auth: Info: sql(user.name at domain.name
<user.name at domain.name>,192.168.55.97,<4CETl9dmscvAqDdh>): Requested
DIGEST-MD5 scheme, but we have only MD5-CRYPT*
Maybe the problem is elsewhere??? I need a 3rd eye to help me.
For now
root at gw:~wash/public_html # sdiff dovecot-2.2.txt dovecot-2.3.txt | less
# 2.2.34 (874deae): /opt/dovecot2.2/etc/dovecot/dovecot.conf | # 2.3.0.1
(ffd8a29): /opt/dovecot2.3/etc/dovecot/dovecot.conf
# OS: FreeBSD 9.3-STABLE i386 ufs # OS:
FreeBSD 9.3-STABLE i386 ufs
# Hostname: localhost <
auth_cache_size = 20 M
auth_cache_size = 20 M
auth_master_user_separator = *
auth_master_user_separator = *
auth_mechanisms = plain login digest-md5
auth_mechanisms = plain login digest-md5
auth_socket_path = /var/run/dovecot/auth-userdb
auth_socket_path = /var/run/dovecot/auth-userdb
base_dir = /var/run/dovecot/ base_dir =
/var/run/dovecot/
default_login_user = dovecot
default_login_user = dovecot
disable_plaintext_auth = no
disable_plaintext_auth = no
first_valid_gid = 0
first_valid_gid = 0
first_valid_uid = 26
first_valid_uid = 26
hostname = gw hostname = gw
info_log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot.log
mail_location = maildir:/var/spool/virtual/%d/%n/Maildir:INDE
mail_location = maildir:/var/spool/virtual/%d/%n/Maildir:INDE
mail_plugins = " quota" <
namespace inbox { namespace
inbox {
inbox = yes inbox =
yes
location = location =
mailbox Drafts { mailbox
Drafts {
special_use = \Drafts
special_use = \Drafts
} }
mailbox Junk { mailbox
Junk {
special_use = \Junk
special_use = \Junk
} }
mailbox Sent { mailbox
Sent {
special_use = \Sent
special_use = \Sent
} }
mailbox "Sent Messages" { mailbox
"Sent Messages" {
special_use = \Sent
special_use = \Sent
} }
mailbox Trash { mailbox
Trash {
special_use = \Trash
special_use = \Trash
} }
prefix = prefix =
} }
passdb { passdb {
args = /opt/dovecot2.2/etc/dovecot/passwd.master_users.ext | args =
/opt/dovecot2.3/etc/dovecot/passwd.master_users.ext
driver = passwd-file driver =
passwd-file
master = yes master =
yes
pass = yes pass = yes
} }
passdb { passdb {
args = /opt/dovecot2.2/etc/dovecot/dovecot-sql.conf.ext | args =
/opt/dovecot2.3/etc/dovecot/dovecot-sql.conf.ext
driver = sql driver =
sql
} }
plugin { plugin {
mail_log_fields = uid box msgid size
mail_log_fields = uid box msgid size
quota_rule = *:storage=1G
quota_rule = *:storage=1G
quota_rule2 = Trash:storage=+100M
quota_rule2 = Trash:storage=+100M
quota_warning = storage=95%% quota-warning 95 %u
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning2 = storage=80%% quota-warning 80 %u
quota_warning3 = -storage=100%% quota-warning below %u
quota_warning3 = -storage=100%% quota-warning below %u
} }
service auth { service
auth {
unix_listener auth-client { <
mode = 0600 <
user = mailnull <
} <
unix_listener auth-userdb {
unix_listener auth-userdb {
group = mailnull group =
mailnull
user = mailnull user =
mailnull
} }
} }
service quota-warning { service
quota-warning {
executable = script /opt/dovecot2.2/scripts/quota-warning.s |
executable = script /opt/dovecot2.3/scripts/quota-warning.s
unix_listener quota-warning {
unix_listener quota-warning {
user = mailnull user =
mailnull
} }
user = dovecot user =
dovecot
} }
ssl_cert = </usr/local/etc/letsencrypt/live/gw.crownkenya.com ssl_cert =
</usr/local/etc/letsencrypt/live/gw.crownkenya.com
ssl_key = # hidden, use -P to show it ssl_key =
# hidden, use -P to show it
>
submission_max_mail_size = 4 G
userdb { userdb {
args = /opt/dovecot2.2/etc/dovecot/dovecot-sql.conf.ext | args =
/opt/dovecot2.3/etc/dovecot/dovecot-sql.conf.ext
driver = sql driver =
sql
} }
protocol lda { <
mail_plugins = quota <
} <
protocol imap { protocol
imap {
mail_max_userip_connections = 5
mail_max_userip_connections = 5
mail_plugins = " quota imap_quota" <
} }
protocol pop3 { | protocol
lda {
mail_max_userip_connections = 5 |
mail_plugins = quota
} }
Maybe I am just suffering brainlock and need to debug auth further, but I
have see a question about this auth issue already from another poster, and
it's not been answered by anyone.
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180307/c8e4953f/attachment-0001.html>
More information about the dovecot
mailing list