Local auth works with dovecot-proxy, remote does not
Camilo Sperberg
unreal4u at gmail.com
Mon Aug 30 14:54:10 EEST 2021
I think I have found the issue: I'm missing the auth_proxy_self setting:
https://doc.dovecot.org/configuration_manual/authentication/proxies/
When I set this to the IP of the server, it seems to perform the
authentication without issues for webmail as external clients such as
Thunderbird.
Greetings,
Camilo Sperberg
On Tue, Aug 24, 2021 at 2:37 PM Camilo Sperberg <unreal4u at gmail.com> wrote:
> Hi list!
>
> I've configured dovecot-proxy to redirect users to another server if their
> data is indeed on that other server.
>
> Webmail (which runs on the same machine) works perfectly fine, but clients
> such as Thunderbird and Outlook do not work as intended, I suspect it to be
> a problem with the IP that dovecot-proxy sees, but I can't figure out what
> is wrong: I've already done a lot of Googling and also tried to change the
> login_trusted_networks value, but to no avail.
>
> I've enabled debug log and here is the relevant part of a call that fails
> and another one that succeeds (FYI 10.164.0.3 is the machine that is doing
> the proxying and where webmail is located, 10.164.0.20 is the 'node', these
> logs come from that node, doveconf -n is also provided in the gist):
> https://gist.github.com/unreal4u/64de0f05b6e3b98034cdb0ae52ce1196
>
> So as far as I can interpret the logs, in the failure case it is basically
> saying it should go to the node, despite it already being on that node:
> Aug 24 11:29:07 mail-node-2 dovecot: auth: Debug: client passdb out:
> OK#0112#011user=me at XXXXXX.XX
> #011host=10.164.0.20#011port=143#011proxy#011pass=<hidden>
>
> In the success case, I don't see any mention of a proxy:
> Aug 24 11:35:21 mail-node-2 dovecot: auth: Debug: client passdb out:
> OK#0116#011user=me at XXXXXXXXX.XX
>
>
> What am I missing here? Has this something to do with
> authentication-allow-nets or authentication-allow-real-nets ? If so: where
> to define it? Is there something else I'm missing?
>
> Thanks in advance for your help,
> Camilo Sperberg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210830/15dc1c99/attachment.html>
More information about the dovecot
mailing list