<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
You can use
</div>
<div>
<br>
</div>
<div>
plugin {
</div>
<div>
acl_user = %u
</div>
<div>
}
</div>
<div>
<br>
</div>
<div>
Aki
</div>
<blockquote type="cite">
<div>
On 12 April 2019 12:35 Usuario prueba via dovecot &lt;dovecot@dovecot.org&gt; wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div style="font-family: Verdana; font-size: 12.0px;">
<div>
<div>
<div>
I think it is an ACL problem for the master user. My master user is named "administrator" (static password files), all other users have an LDAP backend, and I tried to add this to the acl file using vim
</div>
<div>
<br>
</div>
<div>
* user=administrator lr
</div>
</div>
<div>
<br>
</div>
<div>
But it still does not work. I have read https://wiki.dovecot.org/Authentication/MasterUsers several times and I still do not get the ACL thing. That page says "Set
<tt>plugin { master_user=%u }</tt>. This fully hides that master user login is being used". I have tried setting master_user=%u inside my plugin section and it does not work. Can anyone post a doveconf -n output of a static-file master user + ACL working as intended?
</div>
<div>
<br>
</div>
<div>
Regards
</div>
<div>
<div style="margin: 10px 5px 5px 10px; padding: 10px 0 10px 10px; border-left: 2px solid #C3D9E5; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin: 0 0 10px 0;">
<strong>Sent:</strong> Friday, 12 April 2019 at 9:41
<br>
<strong>From:</strong> "Usuario prueba via dovecot" &lt;dovecot@dovecot.org&gt;
<br>
<strong>To:</strong> dovecot@dovecot.org
<br>
<strong>Subject:</strong> Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX. Maybe master user + namespace problem?
</div>
<div>
<div style="font-family: Verdana; font-size: 12.0px;">
<div>
I am trying to migrate via imapsync a Dovecot mail server (host1) to Office 365 (host2) (just a test, I love Dovecot).
</div>
<div>
<br>
</div>
<div>
Imapsync, using dovecot master user, exact command I am using:
</div>
<div>
<br>
</div>
<div>
<div>
imapsync --host1 myhost.mydomain --user1 testuser@mydomain.com*administrator --password1 "XXXXX" --host2 Outlook.Office365.com --user2 testuser@mydomain.com --authuser2 "masteruser2" --password2 "XXXX" --office2
</div>
<div>
<br>
</div>
<div>
This does not work.
</div>
<div>
<br>
</div>
<div>
In dovecot logs I get the following error:
</div>
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
<div>
Apr 12 09:13:13 buzonus_rhel7 dovecot: imap-login: Login: user=&lt;testuser@mydomain.com&gt;, method=PLAIN, rip=192.168.1.97, lip=192.168.4.80, mpid=24003, TLS, session=&lt;fwL8CFCGtprAqAFh&gt;
<br>Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)&lt;fwL8CFCGtprAqAFh&gt;: ID sent: name=imapsync, version=1.921, os=linux, vendor=Gilles LAMIRAL, support-url=
<a target="_blank" href="https://imapsync.lamiral.info/" rel="noopener">https://imapsync.lamiral.info/</a>, date=18-Feb-2019 10:21:03 +0000, side=host1
<br>Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)&lt;fwL8CFCGtprAqAFh&gt;: Error: Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX
<br>Apr 12 09:13:16 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)&lt;fwL8CFCGtprAqAFh&gt;: Logged out in=369 out=2790 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
</div>
<div>
<br>
</div>
</div>
<div>
This is rather weird. I can access via thunderbird/mutt without problems to Dovecot server with "standard" accounts. If I try imapsync with a "standard" user, with real password, imapsync works. This only fails when I use the master user, can not find INBOX. Maybe a namespace problem using master user?
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
doveconf -n output below:
</div>
<div>
<br>
</div>
<div>
<div>
# 2.3.5.1 (7ec6d0ade): /etc/dovecot/dovecot.conf
<br># Pigeonhole version 0.5.5 (2483b085)
<br># OS: Linux 3.10.0-957.10.1.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.6 (Maipo) xfs
<br># Hostname: mysystem
<br>auth_cache_negative_ttl = 10 secs
<br>auth_cache_size = 10 M
<br>auth_cache_ttl = 2 mins
<br>auth_master_user_separator = *
<br>auth_mechanisms = plain login
<br>auth_worker_max_count = 15500
<br>base_dir = /var/run/dovecot/
<br>default_client_limit = 15000
<br>default_process_limit = 16500
<br>default_vsz_limit = 2 G
<br>disable_plaintext_auth = no
<br>imap_capability = +XLIST
<br>imap_client_workarounds = tb-extra-mailbox-sep delay-newmail tb-lsub-flags
<br>imap_id_log = *
<br>imap_max_line_length = 8 M
<br>lda_mailbox_autocreate = yes
<br>lda_mailbox_autosubscribe = yes
<br>mail_fsync = never
<br>mail_gid = entrega
<br>mail_home = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/
<br>mail_location = mdbox:/buzones/mydomain.com/%2.26Hn/%2.200Hn/%n:ITERINDEX:INDEX=/indices_dovecot/indices/%2.26Hn/%2.200Hn/%n:ALT=/buzones/alternativo/mydomain.com/%2.26Hn/%2.200Hn/%n
<br>mail_log_prefix = "%s(%u)&lt;%{session}&gt;: "
<br>mail_max_userip_connections = 15000
<br>mail_plugins = " zlib acl quota virtual mail_log notify"
<br>mail_uid = entrega
<br>managesieve_notify_capability = mailto
<br>managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
<br>mdbox_rotate_interval = 1 days
<br>mdbox_rotate_size = 60 M
<br>namespace {
<br> inbox = yes
<br> location =
<br> mailbox Drafts {
<br> auto = subscribe
<br> special_use = \Drafts
<br> }
<br> mailbox SPAM {
<br> auto = subscribe
<br> special_use = \Junk
<br> }
<br> mailbox Sent {
<br> auto = subscribe
<br> special_use = \Sent
<br> }
<br> mailbox Trash {
<br> auto = subscribe
<br> special_use = \Trash
<br> }
<br> prefix =
<br> type = private
<br>}
<br>namespace {
<br> list = yes
<br> location = mdbox:/buzones/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:ALT=/buzones/alternativo/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:INDEX=/indices_dovecot/indices/%%2.26Hn/%%2.200Hn/%%n:INDEXPVT=~/mdbox/carpeta_compartida/%%u
<br> prefix = carpeta_compartida/%%u/
<br> separator = /
<br> subscriptions = no
<br> type = shared
<br>}
<br>passdb {
<br> args = /etc/dovecot/deny
<br> deny = yes
<br> driver = passwd-file
<br>}
<br>passdb {
<br> args = /etc/dovecot/dovecot-ldap.conf
<br> driver = ldap
<br>}
<br>passdb {
<br> args = /etc/file.txt
<br> driver = passwd-file
<br> master = yes
<br>}
<br>passdb {
<br> args = /etc/dovecot/dovecot-ldap.conf
<br> driver = ldap
<br>}
<br>plugin {
<br> acl = vfile
<br> acl_shared_dict = file:/buzones/mydomain.com/acls_compartidas.db
<br> lda_mailbox_autosubscribe = yes
<br> mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
<br> mail_log_fields = uid box msgid size subject from
<br> quota = dict:Cuota de usuario::file:/buzones/cuotas/%n
<br> quota_rule2 = Trash:storage=+10%%
<br> quota_warning = storage=90%% aviso_cuota 90 %u
<br> sieve = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/dovecot.sieve
<br> sieve_dir = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/sieve/
<br> zlib_save = gz
<br> zlib_save_level = 9
<br>}
<br>pop3_no_flag_updates = yes
<br>protocols = pop3 imap sieve
<br>service anvil {
<br> client_limit = 43000
<br>}
<br>service auth {
<br> client_limit = 58600
<br> unix_listener auth-master {
<br> user = entrega
<br> }
<br> unix_listener auth-userdb {
<br> user = entrega
<br> }
<br> user = root
<br>}
<br>service aviso_cuota {
<br> executable = script /usr/local/bin/quota-warning.sh
<br> unix_listener aviso_cuota {
<br> mode = 0666
<br> }
<br> user = entrega
<br>}
<br>service config {
<br> process_min_avail = 4
<br>}
<br>service imap-login {
<br> client_limit = 28000
<br> executable = /usr/libexec/dovecot/imap-login
<br> group = dovenull
<br> process_min_avail = 2
<br> service_count = 0
<br> vsz_limit = 2 G
<br>}
<br>service imap {
<br> executable = /usr/libexec/dovecot/imap
<br> process_limit = 18000
<br> process_min_avail = 120
<br> vsz_limit = 3 G
<br>}
<br>service managesieve-login {
<br> executable = /usr/libexec/dovecot/managesieve-login
<br> inet_listener sieve {
<br> port = 2000
<br> }
<br> process_limit = 2000
<br> vsz_limit = 2 G
<br>}
<br>service managesieve {
<br> executable = /usr/libexec/dovecot/managesieve
<br> process_limit = 5000
<br>}
<br>service pop3-login {
<br> executable = /usr/libexec/dovecot/pop3-login
<br> process_limit = 7000
<br> process_min_avail = 2
<br> service_count = 0
<br> vsz_limit = 1 G
<br>}
<br>service pop3 {
<br> executable = /usr/libexec/dovecot/pop3
<br> process_limit = 7000
<br>}
<br>service stats {
<br> fifo_listener stats-mail {
<br> mode = 0600
<br> user = entrega
<br> }
<br>}
<br>ssl_ca = &lt;/etc/pki/my_chain
<br>ssl_cert = &lt;/etc/pki/my_cert
<br>ssl_dh = # hidden, use -P to show it
<br>ssl_key = # hidden, use -P to show it
<br>userdb {
<br> args = /etc/dovecot/dovecot-ldap.conf
<br> driver = ldap
<br>}
<br>userdb {
<br> args = /etc/dovecot/dovecot-ldap-userdb.conf
<br> driver = ldap
<br>}
<br>verbose_proctitle = yes
<br>protocol sieve {
<br> managesieve_implementation_string = dovecot
<br> managesieve_logout_format = bytes=%i/%o
<br> managesieve_max_line_length = 65536
<br>}
<br>protocol lda {
<br> hostname = mydomain.com
<br> info_log_path =
<br> log_path =
<br> mail_fsync = optimized
<br> mail_plugins = sieve zlib quota virtual acl
<br> postmaster_address = postmaster@mydomain.com
<br> syslog_facility = mail
<br>}
<br>protocol imap {
<br> mail_plugins = zlib quota imap_quota virtual acl imap_acl notify mail_log
<br>}
<br>protocol pop3 {
<br> mail_plugins = zlib quota virtual
<br> pop3_enable_last = yes
<br> pop3_uidl_format = %g
<br>}
</div>
<div>
<br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<div>
<br>
</div>
<div class="io-ox-signature">
<pre>---
Aki Tuomi</pre>
</div>
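<div>
Added example, not part of the original thread and not Dovecot code: a small check over <tt>doveconf -n</tt> output that reports the combination seen in this thread, a <tt>master = yes</tt> passdb with the acl plugin loaded and no <tt>acl_user</tt> in the plugin section, in which case ACLs are evaluated for the master user rather than the mailbox owner. The names <tt>parse_blocks</tt>, <tt>master_acl_findings</tt>, <tt>SAMPLE</tt> and <tt>FIXED</tt> are hypothetical, and the sample configuration is constructed from the one quoted above.
</div>

```python
# Constructed sample: a trimmed `doveconf -n` in the shape of the one quoted above.
SAMPLE = """\
auth_master_user_separator = *
mail_plugins = " zlib acl quota virtual mail_log notify"
passdb {
  args = /etc/file.txt
  driver = passwd-file
  master = yes
}
plugin {
  acl = vfile
  zlib_save = gz
}
protocol imap {
  mail_plugins = zlib quota imap_quota virtual acl imap_acl notify mail_log
}
"""
# Same configuration with the setting from the reply added.
FIXED = SAMPLE.replace("  acl = vfile\n", "  acl = vfile\n  acl_user = %u\n")

def parse_blocks(text):
    """Return (top_level_settings, [(block_header, settings), ...])."""
    top, blocks, stack = {}, [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("{"):
            stack.append((line[:-1].strip(), {}))   # open a (possibly nested) block
        elif line == "}":
            if stack:
                blocks.append(stack.pop())
        elif "=" in line:
            key, _, value = line.partition("=")
            target = stack[-1][1] if stack else top
            target[key.strip()] = value.strip().strip('"').strip()
    return top, blocks

def master_acl_findings(text):
    """Flag master-user logins that will be ACL-checked as the master user."""
    top, blocks = parse_blocks(text)
    has_master = any(h == "passdb" and s.get("master") == "yes" for h, s in blocks)
    lists = [top.get("mail_plugins", "")]
    lists += [s.get("mail_plugins", "") for h, s in blocks if h.startswith("protocol ")]
    acl_loaded = any("acl" in p.split() for p in lists)
    plugin = {k: v for h, s in blocks if h == "plugin" for k, v in s.items()}
    if has_master and acl_loaded and "acl_user" not in plugin:
        return ["master passdb and acl plugin are active but plugin { acl_user } is "
                "unset: ACLs are checked for the master user, not the target user"]
    return []
```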
</body>
</html>