Local lmtp proxy on backend server

Aki Tuomi aki.tuomi at open-xchange.com
Mon Dec 16 17:05:21 EET 2019 

Hi Marc,

Turn on auth_debug and mail_debug and see if the logs provide any clues.

Aki

> On 16/12/2019 15:19 Marc Roos <m.roos at f1-outsourcing.eu> wrote:
> 
>  
> Hi Aki,
> 
> I also tried with changing the original ldap source to svr2. Although 
> everywhere svr2 is configured, still mails keep being delivered locally 
> on svr1. Do I need to configure more than 20-lmtp.conf?
> 
> 
> 
> [@svr1 conf.d]# cat 20-lmtp.conf  | grep -v '^#'
> 
> lmtp_proxy = yes
> 
> 
> 
> 
> protocol lmtp {
>   # Space separated list of plugins to load (default is global 
> mail_plugins).
>   mail_plugins = $mail_plugins sieve
> 
>   info_log_path = /var/log/dovecot-lmtp.log
> 
>   # for getting local lmtp proxy to work
>   passdb {
>     driver = passwd
>     skip = authenticated
>     default_fields = proxy=y host=svr2
>   }
> 
> }
> 
> service lmtp {
>   vsz_limit = 768M
> 
>   executable = lmtp -L
> 
>   inet_listener lmtp {
>     address = 192.168.10.45
>     port = 24
>   }
> 
>   unix_listener lmtp {
>     mode = 0666
>   }
> }
> 
> 
> 
> -----Original Message-----
> To: aki.tuomi; dovecot
> Subject: RE: Local lmtp proxy on backend server
> 
> 
> Hi Aki,
> 
> If I adapt this configuration on svr1 like this[0], should the mail not 
> be delivered at svr2 passdb {
>   driver = pam
>   # [session=yes] [setcred=yes] [failure_show_msg=yes] 
> [max_requests=<n>]
>   # [cache_key=<key>] [<service name>]
>   #args = dovecot
>   default_fields = proxy=y host=svr2
> }
> passdb {
>   driver = passwd
>   skip = authenticated
>   default_fields = proxy=y host=svr2
> }
> 
> 
>  
> 
> -----Original Message-----
> From: Aki Tuomi [mailto:aki.tuomi at open-xchange.com]
> Sent: 16 December 2019 06:22
> To: Marc Roos; dovecot
> Subject: Re: Local lmtp proxy on backend server
> 
> 
> 	On 15/12/2019 23:09 Marc Roos < m.roos at f1-outsourcing.eu> wrote: 
> 
> 
> 	I receive a local mail when I do a 'mail test' on a backend svr1 
> with 
> 	this[0] configuration. However when I just add only one 
> configuration 
> 	change 'lmtp_proxy = yes' I am getting these errors[1]. I would 
> expect 
> 	this email to still be delivered locally, should this be working or 
> 
> do I 
> 	misunderstand the lmtp proxy functionality? 
> 
> 
> 	[0] 
> 	passdb { 
> 	args = 
> 	auth_verbose = default 
> 	default_fields = proxy=y host=svr1 
> 	deny = no 
> 	driver = pam 
> 
> 
> 	[1] 
> 	Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=, 
> index=, 
> 	indexpvt=, control=, inbox=, alt= 
> 	Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Connect from local 
> 	Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in: 
> 	PASS#0111#011test#011service=lmtp 
> 	Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb 
> doesn't 
> 	support credential lookups 
> 	Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out: 
> 	FAIL#0111#011reason=Configured passdbs don't support credentials 
> lookups 
> 	Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth 
> PASS 
> 	lookup returned temporary failure: reason=Configured passdbs don't 
> 	support credentials lookups 
> 	Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input: 
> 	reason=Configured passdbs don't support credentials lookups 
> 
> 
> 	dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64 
> 	dovecot-2.2.36-3.el7_7.1.x86_64 
> 
> 
> PAM does not support looking up users, so you cannot use it for LMTP 
> proxying. Try adding 
> 
> passdb {
>   driver = passwd
>   skip = authenticated
> } 
> 
> after PAM block. 
> ---
> Aki Tuomi

More information about the dovecot mailing list