NTLM fails: dovecot: auth: Fatal: Unknown authentication mechanism 'NTLM'

David Koski david at kosmosisland.com
Sun Jan 23 01:29:43 UTC 2022 

Is NTLM now dead?  The Readme says:

2020-10-23 16:24:09 -0400 Josef 'Jeff' Sipek 
<jeff.sipek at open-xchange.com> (48d6f7282)

     auth: Remove ntlm mechanism & the LANMAN and NTLM password schemes

M       COPYING
M       configure.ac
M       src/Makefile.am
M       src/auth/Makefile.am
D       src/auth/mech-ntlm.c
M       src/auth/mech.c
M       src/auth/password-scheme.c
M       src/auth/test-libpassword.c
M       src/auth/test-mech.c
M       src/doveadm/Makefile.am
D       src/lib-ntlm/Makefile.am
D       src/lib-ntlm/ntlm-des.c
D       src/lib-ntlm/ntlm-des.h
D       src/lib-ntlm/ntlm-encrypt.c
D       src/lib-ntlm/ntlm-encrypt.h
D       src/lib-ntlm/ntlm-flags.h
D       src/lib-ntlm/ntlm-message.c
D       src/lib-ntlm/ntlm-message.h
D       src/lib-ntlm/ntlm-types.h
D       src/lib-ntlm/ntlm.h

David

On 1/22/22 4:22 PM, David Koski wrote:
> After upgrading Debian to 11 I found Dovecot at version 2.3.13 
> (89f716dc2).  Now auth method NTLM fails and is not even listed:
>
> # doveadm pw -l
> SHA1 SSHA512 SCRAM-SHA-256 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA 
> DES-CRYPT CRYPT SSHA MD5-CRYPT PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 
> SHA512-CRYPT CLEAR CLEARTEXT ARGON2I ARGON2ID SSHA256 MD5 PBKDF2 
> SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5 LDAP-MD5
>
> /var/log/dovecot.log
> Jan 22 16:20:32 auth: Fatal: Unknown authentication mechanism 'NTLM'
> Jan 22 16:20:32 master: Error: service(auth): command startup failed, 
> throttling for 2.000 secs
> Jan 22 16:20:34 auth: Fatal: Unknown authentication mechanism 'NTLM'
> Jan 22 16:20:34 master: Error: service(auth): command startup failed, 
> throttling for 4.000 secs
> Jan 22 16:20:38 auth: Fatal: Unknown authentication mechanism 'NTLM'
> Jan 22 16:20:38 master: Error: service(auth): command startup failed, 
> throttling for 8.000 secs
> Jan 22 16:20:46 auth: Fatal: Unknown authentication mechanism 'NTLM'
> Jan 22 16:20:46 master: Error: service(auth): command startup failed, 
> throttling for 16.000 secs
>
> # doveconf -n
> # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.13 (cdd19fe3)
> # OS: Linux 5.10.0-11-amd64 x86_64 Debian 11.2
> # Hostname: imail.khmfdbyekekelj1rmytwnfh1bc.dx.internal.cloudapp.net
> auth_mechanisms = plain login ntlm
> debug_log_path = /var/log/dovecot-debug.log
> info_log_path = /var/log/dovecot-info.log
> log_path = /var/log/dovecot.log
> maildir_stat_dirs = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope 
> encoded-character vacation subaddress comparator-i;ascii-numeric 
> relational regex imap4flags copy include variables body enotify 
> environment mailbox date index ihave duplicate mime foreverypart 
> extracttext
> namespace compat {
>   alias_for =
>   hidden = yes
>   inbox = no
>   list = no
>   location =
>   prefix = INBOX.
>   separator = .
> }
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Drafts {
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     special_use = \Junk
>   }
>   mailbox Sent {
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     special_use = \Sent
>   }
>   mailbox Trash {
>     special_use = \Trash
>   }
>   prefix =
>   separator = .
> }
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> plugin {
>   mail_plugins = " quota trash sieve"
>   sieve = file:~/sieve;active=~/.dovecot.sieve
> }
> protocols = " imap sieve"
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
>   unix_listener auth-client {
>     mode = 0660
>   }
> }
> service stats {
>   unix_listener stats-reader {
>     group = vmail
>     mode = 0660
>     user = vmail
>   }
>   unix_listener stats-writer {
>     group = vmail
>     mode = 0660
>     user = vmail
>   }
> }
> ssl_cert = </etc/letsencrypt/live/imail1.sutinen.com/fullchain.pem
> ssl_client_ca_dir = /etc/ssl/certs
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> userdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> protocol lmtp {
>   mail_plugins = " quota trash sieve"
>   postmaster_address = admin-kosmosisland.com at kosmosisland.com
> }
> protocol lda {
>   mail_plugins = " quota trash sieve"
> }
>
> Regards,
> David Koski
>

More information about the dovecot mailing list