BDAT to DATA translation on submission service when checkpassword is involved
Dan Conway
darkc0de at archnix6.net
Fri Jul 23 01:22:26 EEST 2021
Hello,
I'm having issues with Dovecot translating "BDAT" commands (CHUNKING)
into "DATA" commands when the backend does not support it in the
submission service. I use "checkpassword" to authenticate users and
judging by older mailing list entries the presence of "submission_*"
directives must be in place for Dovecot to translate. Even with these
directives set, the translation doesn't seem to occur.
checkpassword returns "director_tag=remote_smtp" (along with other
fields such as nopassword=y proxy=y) which in turn sets the backend host
to relay the connection to. I have a feeling the use of checkpassword
has something to do with this lack of translation.
If the "submission_*" directives must be in place for this translation
to occur, which ones are they? Can I return these fields from checkpassword?
Output of doveconf -n:
# 2.3.15 (0503334ab1): /etc/dovecot/dovecot.conf
# OS: Linux 4.15.0-147-generic x86_64 Ubuntu 18.04.5 LTS
# Hostname: xyz
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
director_mail_servers = x.x.x.x at remote_smtp
director_servers = x.x.x.x
disable_plaintext_auth = no
mail_log_prefix = "%Us(%u) [%r]: "
passdb {
args = /usr/local/bin/checkpassword
driver = checkpassword
}
protocols = " imap pop3 submission"
service anvil {
client_limit = 3553
}
service auth {
client_limit = 3550
}
service director {
fifo_listener login/proxy-notify {
mode = 0600
user = $default_login_user
}
inet_listener {
address = x.x.x.x
port = 9090
}
unix_listener director-admin {
mode = 0600
}
unix_listener login/director {
mode = 0666
}
}
service imap-login {
executable = imap-login director
inet_listener imap {
address = x.x.x.x
port = 143
}
inet_listener imaps {
address = x.x.x.x
port = 993
ssl = yes
}
process_limit = 1000
process_min_avail = 0
service_count = 1
}
service imap {
process_limit = 2048
process_min_avail = 0
service_count = 1
vsz_limit = 384 M
}
service pop3-login {
executable = pop3-login director
inet_listener pop3 {
address = x.x.x.x
port = 110
}
inet_listener pop3s {
address = x.x.x.x
port = 995
ssl = yes
}
process_limit = 450
}
service pop3 {
process_limit = 190
process_min_avail = 0
service_count = 1
}
service submission-login {
executable = submission-login director
inet_listener smtp {
address = x.x.x.x
port = 25
}
inet_listener smtps {
address = x.x.x.x
port = 465
ssl = yes
}
inet_listener submission {
address = x.x.x.x
port = 587
}
process_limit = 2000
}
ssl_cert = </etc/...
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.1
submission_backend_capabilities =
submission_host = x.x.x.x
submission_relay_host = x.x.x.x
submission_relay_port = 465
submission_relay_ssl = smtps
submission_relay_trusted = yes
userdb {
args = /etc/dovecot/userdb.conf
driver = ldap
}
protocol imap {
imap_logout_format = bytes=%i/%o, del=%e
mail_max_userip_connections = 20
}
protocol pop3 {
mail_max_userip_connections = 20
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
}
protocol submission {
mail_max_userip_connections = 10
}
local_name *.domain.com {
ssl_cert = </etc/...
ssl_key = # hidden, use -P to show it
}
More information about the dovecot
mailing list