thr3ads.net - dovecot - limit sharing ability to certain users [Aug 2018]

If this information is useful, please help other people find it:
Share via:

Simeon Ott

2018-Aug-07 09:23 UTC

limit sharing ability to certain users

? attached the dovecot -n, linked files, debug log lines during a standard
client login

root at buserver:/etc/dovecot/conf.d# doveconf -n
# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.16.0-6-amd64 x86_64 Debian 8.11 
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
debug_log_path = syslog
disable_plaintext_auth = no
info_log_path = syslog
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
mail_debug = yes
mail_gid = 5000
mail_location = maildir:~/Maildir
mail_plugins = zlib quota acl
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date ihave
namespace {
  hidden = no
  ignore_on_failure = no
  inbox = no
  list = children
  location = maildir:%%h/Maildir:INDEX=%h/shared/%%u:CONTROL=%h/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/spool/postfix/virtual/shared-mailboxes
  quota = maildir:User quota
  quota_exceeded_message = 4.2.2 Mailbox full
  quota_rule = *:storage=1G
  quota_rule2 = INBOX.Trash:storage=+100M
  quota_rule3 = INBOX.Spam:ignore
  quota_warning = storage=95%% quota-warning 95 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /var/lib/dovecot/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_max_actions = 32
  sieve_max_redirects = 4
  sieve_max_script_size = 1M
  sieve_quota_max_scripts = 0
  sieve_quota_max_storage = 0
}
protocols = " imap lmtp sieve pop3"
service auth {
  group = dovecot
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-master {
    group = vmail
    mode = 0666
    user = vmail
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0666
    user = vmail
  }
  user = dovecot
}
service lmtp {
  unix_listener lmtp {
    mode = 0666
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
  process_min_avail = 0
  service_count = 1
  vsz_limit = 64 M
}
ssl = no
userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
userdb {
  args = username_format=%Lu /etc/dovecot/share.passwd
  driver = passwd-file
}
protocol lmtp {
  mail_plugins = zlib quota acl sieve
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  deliver_log_format = msgid=%m: %$
  mail_plugins = zlib quota acl sieve
  postmaster_address = postmaster at onnet.ch
}
protocol imap {
  mail_plugins = zlib quota acl imap_quota imap_acl
}
protocol sieve {
  info_log_path = /var/log/sieve.log
  log_path = /var/log/sieve.log
  mail_max_userip_connections = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_compile_errors = 5
  managesieve_max_line_length = 65536
}

root at buserver:/etc/dovecot# cat dovecot-acl
root at buserver:/etc/dovecot#

?> means empty file

root at buserver:/etc/dovecot# cat share.passwd 
test at onnet.ch:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl
userdb_acl_globals_only=yes

root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf
hosts = localhost
uris = ldap://localhost:389/
debug_level = 10
auth_bind = yes
ldap_version = 3
base = ou=domains,dc=intra,dc=onnet,dc=ch
deref = never
scope = subtree
user_attrs =
homeDirectory=home=/var/spool/postfix/virtual/%$,uidNumber=uid,gidNumber=gid,quota=quota_rule=*:bytes=%$
user_filter = (&(objectClass=CourierMailAccount)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=CourierMailAccount)(mail=%u))
iterate_attrs = mail=user
iterate_filter = (objectClass=CourierMailAccount)
default_pass_scheme = CRYPT

root at buserver:/etc/dovecot# cat /var/log/mail.log | grep "Aug  7
11:17:27"
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile: file
/var/spool/postfix/virtual/onnet.ch/test//Maildir/.test folder 1.sub folder 1
1/dovecot-acl not found
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile:
reading file
/var/spool/postfix/virtual/onnet.ch/test//Maildir/.super/dovecot-acl
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile:
reading file /var/spool/postfix/virtual/onnet.ch/test//Maildir/.super.hello
du/dovecot-acl
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile: file
/var/spool/postfix/virtual/onnet.ch/test//Maildir/.test folder 1/dovecot-acl not
found
Aug  7 11:17:27 buserver dovecot: auth: Debug: auth client connected (pid=3203)
Aug  7 11:17:27 buserver dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=imap#011session=lkbV3NRyyQDAqDgB#011lip=192.168.56.50#011rip=192.168.56.1#011lport=143#011rport=52169#011resp=dGVzdEBvbm5ldC5jaAB0ZXN0QG9ubmV0LmNoAG5vdmVsbDEyMzQ1Ng==
(previous base64 data may contain sensitive data)
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): bind search:
base=ou=domains,dc=intra,dc=onnet,dc=ch
filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch))
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): result: mail=test at onnet.ch;
mail unused
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): result: mail=test at onnet.ch
Aug  7 11:17:27 buserver dovecot: auth: Debug: client passdb out:
OK#0111#011user=test at onnet.ch
Aug  7 11:17:27 buserver dovecot: auth: Debug: master in:
REQUEST#0113718250497#0113203#0111#011089fd1d9e1a2c66586786422f24c51cd#011session_pid=3206#011request_auth_token
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): user search:
base=ou=domains,dc=intra,dc=onnet,dc=ch scope=subtree
filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch))
fields=homeDirectory,uidNumber,gidNumber,quota
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): result: uidNumber=5000
quota=1073741824 gidNumber=5000 homeDirectory=onnet.ch/test/;
homeDirectory,uidNumber,quota,gidNumber unused
Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at
onnet.ch,192.168.56.1,<lkbV3NRyyQDAqDgB>): result: uidNumber=5000
quota=1073741824 gidNumber=5000 homeDirectory=onnet.ch/test/
Aug  7 11:17:27 buserver dovecot: auth: Debug: master userdb out:
USER#0113718250497#011test at
onnet.ch#011home=/var/spool/postfix/virtual/onnet.ch/test/#011uid=5000#011gid=5000#011quota_rule=*:bytes=1073741824#011auth_token=913bee7c974e18d4527fc38d90457411e7e61201
Aug  7 11:17:27 buserver dovecot: imap-login: Login: user=<test at
onnet.ch>, method=PLAIN, rip=192.168.56.1, lip=192.168.56.50, mpid=3206
Aug  7 11:17:27 buserver dovecot: imap: Debug: Loading modules from directory:
/usr/lib/dovecot/modules
Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
/usr/lib/dovecot/modules/lib01_acl_plugin.so
Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
/usr/lib/dovecot/modules/lib02_imap_acl_plugin.so
Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
/usr/lib/dovecot/modules/lib10_quota_plugin.so
Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
/usr/lib/dovecot/modules/lib11_imap_quota_plugin.so
Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
/usr/lib/dovecot/modules/lib20_zlib_plugin.so
Aug  7 11:17:27 buserver dovecot: imap: Debug: Added userdb setting:
plugin/quota_rule=*:bytes=1073741824
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Effective
uid=5000, gid=5000, home=/var/spool/postfix/virtual/onnet.ch/test/
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Quota root:
name=User quota backend=maildir argsAug  7 11:17:27 buserver dovecot: imap(test
at onnet.ch): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824
messages=0
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Quota rule:
root=User quota mailbox=INBOX.Trash bytes=+104857600 messages=0
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Quota rule:
root=User quota mailbox=INBOX.Spam ignored
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Quota warning:
bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 test at
onnet.ch
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Quota grace:
root=User quota bytes=107374182 (10%)
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Namespace
inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: maildir++:
root=/var/spool/postfix/virtual/onnet.ch/test//Maildir, index=, indexpvt=,
control=, inbox=/var/spool/postfix/virtual/onnet.ch/test//Maildir, altAug  7
11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl: initializing
backend with data: vfile
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl: acl
username = test at onnet.ch
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl: owner = 1
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile:
Global ACLs disabled
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: Namespace :
type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children,
subscriptions=yes
location=maildir:%h/Maildir:INDEX=/var/spool/postfix/virtual/onnet.ch/test//shared/%u:CONTROL=/var/spool/postfix/virtual/onnet.ch/test//shared/%u
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: shared:
root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, altAug  7 11:17:27
buserver dovecot: imap(test at onnet.ch): Debug: acl: initializing backend with
data: vfile
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl: acl
username = test at onnet.ch
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl: owner = 0
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Debug: acl vfile:
Global ACLs disabled
Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch): Disconnected: Logged
out in=30 out=457

thanks for looking into this
> On 7 Aug 2018, at 10:34, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
> 
> Can you provide your doveconf -n after adding the database *after* LDAP.
> 
> You probably need to add 'noauthenticate' as one parameter after
the
> userdb ones.
> 
> Aki
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180807/8b848fa7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3696 bytes
Desc: not available
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180807/8b848fa7/attachment-0001.p7s>

Aki Tuomi

2018-Aug-07 09:35 UTC

head link

limit sharing ability to certain users

Ah. You probably need to change ldap userdb so that you add

userdb {
  driver = ldap
? args = /etc/dovecot/dovecot-ldap.conf
  result_success = continue-ok
}

so that the next one is processed. 

you can use 'doveadm user test at onnet.ch' to verify that the
attributes are read for this user, and with another username that they are not.

Aki


On 07.08.2018 12:23, Simeon Ott wrote:> ? attached the dovecot -n, linked files, debug log lines during a
> standard client login
>
> root at buserver:/etc/dovecot/conf.d# doveconf -n
> # 2.2.13: /etc/dovecot/dovecot.conf
> # OS: Linux 3.16.0-6-amd64 x86_64 Debian 8.11?
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = plain
> debug_log_path = syslog
> disable_plaintext_auth = no
> info_log_path = syslog
> lda_mailbox_autocreate = yes
> lda_mailbox_autosubscribe = yes
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e
%c
> mail_debug = yes
> mail_gid = 5000
> mail_location = maildir:~/Maildir
> mail_plugins = zlib quota acl
> mail_uid = 5000
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date ihave
> namespace {
> ? hidden = no
> ? ignore_on_failure = no
> ? inbox = no
> ? list = children
> ? location = maildir:%%h/Maildir:INDEX=%h/shared/%%u:CONTROL=%h/shared/%%u
> ? prefix = shared/%%u/
> ? separator = /
> ? subscriptions = yes
> ? type = shared
> }
> namespace inbox {
> ? inbox = yes
> ? location =?
> ? mailbox Drafts {
> ? ? auto = subscribe
> ? ? special_use = \Drafts
> ? }
> ? mailbox Sent {
> ? ? auto = subscribe
> ? ? special_use = \Sent
> ? }
> ? mailbox "Sent Messages" {
> ? ? special_use = \Sent
> ? }
> ? mailbox Spam {
> ? ? auto = subscribe
> ? ? special_use = \Junk
> ? }
> ? mailbox Trash {
> ? ? auto = subscribe
> ? ? special_use = \Trash
> ? }
> ? prefix =?
> ? separator = /
> ? type = private
> }
> passdb {
> ? args = /etc/dovecot/dovecot-ldap.conf
> ? driver = ldap
> }
> plugin {
> ? acl = vfile
> ? acl_shared_dict = file:/var/spool/postfix/virtual/shared-mailboxes
> ? quota = maildir:User quota
> ? quota_exceeded_message = 4.2.2 Mailbox full
> ? quota_rule = *:storage=1G
> ? quota_rule2 = INBOX.Trash:storage=+100M
> ? quota_rule3 = INBOX.Spam:ignore
> ? quota_warning = storage=95%% quota-warning 95 %u
> ? sieve = ~/.dovecot.sieve
> ? sieve_before = /var/lib/dovecot/sieve/default.sieve
> ? sieve_dir = ~/sieve
> ? sieve_max_actions = 32
> ? sieve_max_redirects = 4
> ? sieve_max_script_size = 1M
> ? sieve_quota_max_scripts = 0
> ? sieve_quota_max_storage = 0
> }
> protocols = " imap lmtp sieve pop3"
> service auth {
> ? group = dovecot
> ? unix_listener /var/spool/postfix/private/auth {
> ? ? group = postfix
> ? ? mode = 0666
> ? ? user = postfix
> ? }
> ? unix_listener auth-master {
> ? ? group = vmail
> ? ? mode = 0666
> ? ? user = vmail
> ? }
> ? unix_listener auth-userdb {
> ? ? group = vmail
> ? ? mode = 0666
> ? ? user = vmail
> ? }
> ? user = dovecot
> }
> service lmtp {
> ? unix_listener lmtp {
> ? ? mode = 0666
> ? }
> }
> service managesieve-login {
> ? inet_listener sieve {
> ? ? port = 4190
> ? }
> ? inet_listener sieve_deprecated {
> ? ? port = 2000
> ? }
> ? process_min_avail = 0
> ? service_count = 1
> ? vsz_limit = 64 M
> }
> ssl = no
> userdb {
> ? args = /etc/dovecot/dovecot-ldap.conf
> ? driver = ldap
> }
> userdb {
> ? args = username_format=%Lu /etc/dovecot/share.passwd
> ? driver = passwd-file
> }
> protocol lmtp {
> ? mail_plugins = zlib quota acl sieve
> }
> protocol lda {
> ? auth_socket_path = /var/run/dovecot/auth-master
> ? deliver_log_format = msgid=%m: %$
> ? mail_plugins = zlib quota acl sieve
> ? postmaster_address = postmaster at onnet.ch <mailto:postmaster at
onnet.ch>
> }
> protocol imap {
> ? mail_plugins = zlib quota acl imap_quota imap_acl
> }
> protocol sieve {
> ? info_log_path = /var/log/sieve.log
> ? log_path = /var/log/sieve.log
> ? mail_max_userip_connections = 10
> ? managesieve_implementation_string = Dovecot Pigeonhole
> ? managesieve_logout_format = bytes=%i/%o
> ? managesieve_max_compile_errors = 5
> ? managesieve_max_line_length = 65536
> }
>
> root at buserver:/etc/dovecot# cat dovecot-acl
> root at buserver:/etc/dovecot#
>
> ?> means empty file
>
> root at buserver:/etc/dovecot# cat share.passwd?
> test at onnet.ch
> <mailto:test at
onnet.ch>:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl
> userdb_acl_globals_only=yes
>
> root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf
> hosts = localhost
> uris = ldap://localhost:389/
> debug_level = 10
> auth_bind = yes
> ldap_version = 3
> base = ou=domains,dc=intra,dc=onnet,dc=ch
> deref = never
> scope = subtree
> user_attrs >
homeDirectory=home=/var/spool/postfix/virtual/%$,uidNumber=uid,gidNumber=gid,quota=quota_rule=*:bytes=%$
> user_filter = (&(objectClass=CourierMailAccount)(mail=%u))
> pass_attrs = mail=user,userPassword=password
> pass_filter = (&(objectClass=CourierMailAccount)(mail=%u))
> iterate_attrs = mail=user
> iterate_filter = (objectClass=CourierMailAccount)
> default_pass_scheme = CRYPT
>
> root at buserver:/etc/dovecot# cat /var/log/mail.log | grep "Aug? 7
11:17:27"
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: file
> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.test
> <http://onnet.ch/test//Maildir/.test> folder 1.sub folder 1
> 1/dovecot-acl not found
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: reading file
> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.super/dovecot-acl
> <http://onnet.ch/test//Maildir/.super/dovecot-acl>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: reading file
> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.super.hello
> <http://onnet.ch/test//Maildir/.super.hello> du/dovecot-acl
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: file
> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.test
> <http://onnet.ch/test//Maildir/.test> folder 1/dovecot-acl not found
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: auth client connected
> (pid=3203)
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: client in:
>
AUTH#0111#011PLAIN#011service=imap#011session=lkbV3NRyyQDAqDgB#011lip=192.168.56.50#011rip=192.168.56.1#011lport=143#011rport=52169#011resp=dGVzdEBvbm5ldC5jaAB0ZXN0QG9ubmV0LmNoAG5vdmVsbDEyMzQ1Ng=>
(previous base64 data may contain sensitive data)
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
bind search:
> base=ou=domains,dc=intra,dc=onnet,dc=ch
> filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch
> <mailto:mail=test at onnet.ch>))
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
> mail=test at onnet.ch <mailto:mail=test at onnet.ch>; mail unused
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
> mail=test at onnet.ch <mailto:mail=test at onnet.ch>
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: client passdb out:
> OK#0111#011user=test at onnet.ch <mailto:OK#0111#011user=test at
onnet.ch>
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: master in:
>
REQUEST#0113718250497#0113203#0111#011089fd1d9e1a2c66586786422f24c51cd#011session_pid=3206#011request_auth_token
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
user search:
> base=ou=domains,dc=intra,dc=onnet,dc=ch scope=subtree
> filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch
> <mailto:mail=test at onnet.ch>))
> fields=homeDirectory,uidNumber,gidNumber,quota
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
> uidNumber=5000 quota=1073741824 gidNumber=5000
> homeDirectory=onnet.ch/test/ <http://onnet.ch/test/>;
> homeDirectory,uidNumber,quota,gidNumber unused
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
> uidNumber=5000 quota=1073741824 gidNumber=5000
> homeDirectory=onnet.ch/test/ <http://onnet.ch/test/>
> Aug? 7 11:17:27 buserver dovecot: auth: Debug: master userdb out:
> USER#0113718250497#011test at onnet.ch
> <mailto:USER#0113718250497#011test at
onnet.ch>#011home=/var/spool/postfix/virtual/onnet.ch/test/#011uid=5000#011gid=5000#011quota_rule=*:bytes=1073741824#011auth_token=913bee7c974e18d4527fc38d90457411e7e61201
>
<http://onnet.ch/test/#011uid=5000#011gid=5000#011quota_rule=*:bytes=1073741824#011auth_token=913bee7c974e18d4527fc38d90457411e7e61201>
> Aug? 7 11:17:27 buserver dovecot: imap-login: Login:
> user=<test at onnet.ch <mailto:test at onnet.ch>>,
method=PLAIN,
> rip=192.168.56.1, lip=192.168.56.50, mpid=3206
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Loading modules from
> directory: /usr/lib/dovecot/modules
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
> /usr/lib/dovecot/modules/lib01_acl_plugin.so
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
> /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
> /usr/lib/dovecot/modules/lib10_quota_plugin.so
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
> /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
> /usr/lib/dovecot/modules/lib20_zlib_plugin.so
> Aug? 7 11:17:27 buserver dovecot: imap: Debug: Added userdb setting:
> plugin/quota_rule=*:bytes=1073741824
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Effective uid=5000, gid=5000,
> home=/var/spool/postfix/virtual/onnet.ch/test/
<http://onnet.ch/test/>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota root: name=User quota
> backend=maildir args> Aug? 7 11:17:27 buserver dovecot: imap(test at
onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
mailbox=*
> bytes=1073741824 messages=0
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
> mailbox=INBOX.Trash bytes=+104857600 messages=0
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
> mailbox=INBOX.Spam ignored
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota warning: bytes=1020054732
(95%)
> messages=0 reverse=no command=quota-warning 95 test at onnet.ch
> <mailto:test at onnet.ch>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Quota grace: root=User quota
> bytes=107374182 (10%)
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Namespace inbox: type=private,
> prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
> location=maildir:~/Maildir
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: maildir++:
> root=/var/spool/postfix/virtual/onnet.ch/test//Maildir
> <http://onnet.ch/test//Maildir>, index=, indexpvt=, control=,
> inbox=/var/spool/postfix/virtual/onnet.ch/test//Maildir
> <http://onnet.ch/test//Maildir>, alt> Aug? 7 11:17:27 buserver
dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: initializing backend with
data: vfile
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: acl username = test at
onnet.ch
> <mailto:test at onnet.ch>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: owner = 1
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: Global ACLs disabled
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: Namespace : type=shared,
> prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children,
> subscriptions=yes
>
location=maildir:%h/Maildir:INDEX=/var/spool/postfix/virtual/onnet.ch/test//shared/%u:CONTROL=/var/spool/postfix/virtual/onnet.ch/test//shared/%u
>
<http://onnet.ch/test//shared/%u:CONTROL=/var/spool/postfix/virtual/onnet.ch/test//shared/%u>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: shared: root=/var/run/dovecot,
index=,
> indexpvt=, control=, inbox=, alt> Aug? 7 11:17:27 buserver dovecot:
imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: initializing backend with
data: vfile
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: acl username = test at
onnet.ch
> <mailto:test at onnet.ch>
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl: owner = 0
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Debug: acl vfile: Global ACLs disabled
> Aug? 7 11:17:27 buserver dovecot: imap(test at onnet.ch
> <mailto:test at onnet.ch>): Disconnected: Logged out in=30 out=457
>
> thanks for looking into this
>
>> On 7 Aug 2018, at 10:34, Aki Tuomi <aki.tuomi at dovecot.fi
>> <mailto:aki.tuomi at dovecot.fi>> wrote:
>>
>> Can you provide your doveconf -n after adding the database *after*
LDAP.
>>
>> You probably need to add 'noauthenticate' as one parameter
after the
>> userdb ones.
>>
>> Aki
>>
>

Simeon Ott

2018-Aug-07 09:58 UTC

head link

limit sharing ability to certain users

Now the attributes are correctly read for the user test at onnet.ch
<mailto:test at onnet.ch>, but other users are not able to authenticate
anymore.

root at buserver:/var/spool/postfix/virtual/onnet.ch/test/Maildir/.super#
doveadm user test at onnet.ch
field	value
uid	5000
gid	5000
home	/var/spool/postfix/virtual/onnet.ch/test/
mail	maildir:~/Maildir
quota_rule	*:bytes=1073741824
acl	vfile:/etc/dovecot/dovecot-acl
acl_globals_only	yes

root at buserver:/etc/dovecot# doveadm user test2 at onnet.ch
field	valueuserdb lookup: user test2 at onnet.ch doesn't exist

I need to add all users to the passwd too to let other users authenticate
properly. This is not an option for our productive server, because the LDAP
directory should be the main db for user administration. After adding ?test at
onnet.ch:::::::? to the passwd file, doveadm user works with test2 at onnet.ch

root at buserver:/var/spool/postfix/virtual/onnet.ch/test/Maildir/.super#
doveadm user test2 at onnet.ch
field	value
uid	5000
gid	5000
home	/var/spool/postfix/virtual/onnet.ch/test2/
mail	maildir:~/Maildir
quota_rule	*:bytes=1073741824

IMPORTANT NOTE: anyway.. even with this options set (acl and acl_globals_only)
the user test at onnet.ch <mailto:test at onnet.ch> is still able to share
its own folders?!

> On 7 Aug 2018, at 11:35, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
> 
> Ah. You probably need to change ldap userdb so that you add
> 
> userdb {
>  driver = ldap
>   args = /etc/dovecot/dovecot-ldap.conf
>  result_success = continue-ok
> }
> 
> so that the next one is processed. 
> 
> you can use 'doveadm user test at onnet.ch' to verify that the
attributes are read for this user, and with another username that they are not.
> 
> Aki
> 
> 
> On 07.08.2018 12:23, Simeon Ott wrote:
>> ? attached the dovecot -n, linked files, debug log lines during a
>> standard client login
>> 
>> root at buserver:/etc/dovecot/conf.d# doveconf -n
>> # 2.2.13: /etc/dovecot/dovecot.conf
>> # OS: Linux 3.16.0-6-amd64 x86_64 Debian 8.11 
>> auth_debug = yes
>> auth_debug_passwords = yes
>> auth_mechanisms = plain login
>> auth_verbose = yes
>> auth_verbose_passwords = plain
>> debug_log_path = syslog
>> disable_plaintext_auth = no
>> info_log_path = syslog
>> lda_mailbox_autocreate = yes
>> lda_mailbox_autosubscribe = yes
>> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l
mpid=%e %c
>> mail_debug = yes
>> mail_gid = 5000
>> mail_location = maildir:~/Maildir
>> mail_plugins = zlib quota acl
>> mail_uid = 5000
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date ihave
>> namespace {
>>   hidden = no
>>   ignore_on_failure = no
>>   inbox = no
>>   list = children
>>   location =
maildir:%%h/Maildir:INDEX=%h/shared/%%u:CONTROL=%h/shared/%%u
>>   prefix = shared/%%u/
>>   separator = /
>>   subscriptions = yes
>>   type = shared
>> }
>> namespace inbox {
>>   inbox = yes
>>   location = 
>>   mailbox Drafts {
>>     auto = subscribe
>>     special_use = \Drafts
>>   }
>>   mailbox Sent {
>>     auto = subscribe
>>     special_use = \Sent
>>   }
>>   mailbox "Sent Messages" {
>>     special_use = \Sent
>>   }
>>   mailbox Spam {
>>     auto = subscribe
>>     special_use = \Junk
>>   }
>>   mailbox Trash {
>>     auto = subscribe
>>     special_use = \Trash
>>   }
>>   prefix = 
>>   separator = /
>>   type = private
>> }
>> passdb {
>>   args = /etc/dovecot/dovecot-ldap.conf
>>   driver = ldap
>> }
>> plugin {
>>   acl = vfile
>>   acl_shared_dict = file:/var/spool/postfix/virtual/shared-mailboxes
>>   quota = maildir:User quota
>>   quota_exceeded_message = 4.2.2 Mailbox full
>>   quota_rule = *:storage=1G
>>   quota_rule2 = INBOX.Trash:storage=+100M
>>   quota_rule3 = INBOX.Spam:ignore
>>   quota_warning = storage=95%% quota-warning 95 %u
>>   sieve = ~/.dovecot.sieve
>>   sieve_before = /var/lib/dovecot/sieve/default.sieve
>>   sieve_dir = ~/sieve
>>   sieve_max_actions = 32
>>   sieve_max_redirects = 4
>>   sieve_max_script_size = 1M
>>   sieve_quota_max_scripts = 0
>>   sieve_quota_max_storage = 0
>> }
>> protocols = " imap lmtp sieve pop3"
>> service auth {
>>   group = dovecot
>>   unix_listener /var/spool/postfix/private/auth {
>>     group = postfix
>>     mode = 0666
>>     user = postfix
>>   }
>>   unix_listener auth-master {
>>     group = vmail
>>     mode = 0666
>>     user = vmail
>>   }
>>   unix_listener auth-userdb {
>>     group = vmail
>>     mode = 0666
>>     user = vmail
>>   }
>>   user = dovecot
>> }
>> service lmtp {
>>   unix_listener lmtp {
>>     mode = 0666
>>   }
>> }
>> service managesieve-login {
>>   inet_listener sieve {
>>     port = 4190
>>   }
>>   inet_listener sieve_deprecated {
>>     port = 2000
>>   }
>>   process_min_avail = 0
>>   service_count = 1
>>   vsz_limit = 64 M
>> }
>> ssl = no
>> userdb {
>>   args = /etc/dovecot/dovecot-ldap.conf
>>   driver = ldap
>> }
>> userdb {
>>   args = username_format=%Lu /etc/dovecot/share.passwd
>>   driver = passwd-file
>> }
>> protocol lmtp {
>>   mail_plugins = zlib quota acl sieve
>> }
>> protocol lda {
>>   auth_socket_path = /var/run/dovecot/auth-master
>>   deliver_log_format = msgid=%m: %$
>>   mail_plugins = zlib quota acl sieve
>>   postmaster_address = postmaster at onnet.ch <mailto:postmaster at
onnet.ch>
>> }
>> protocol imap {
>>   mail_plugins = zlib quota acl imap_quota imap_acl
>> }
>> protocol sieve {
>>   info_log_path = /var/log/sieve.log
>>   log_path = /var/log/sieve.log
>>   mail_max_userip_connections = 10
>>   managesieve_implementation_string = Dovecot Pigeonhole
>>   managesieve_logout_format = bytes=%i/%o
>>   managesieve_max_compile_errors = 5
>>   managesieve_max_line_length = 65536
>> }
>> 
>> root at buserver:/etc/dovecot# cat dovecot-acl
>> root at buserver:/etc/dovecot#
>> 
>> ?> means empty file
>> 
>> root at buserver:/etc/dovecot# cat share.passwd 
>> test at onnet.ch
>> <mailto:test at
onnet.ch>:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl
>> userdb_acl_globals_only=yes
>> 
>> root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf
>> hosts = localhost
>> uris = ldap://localhost:389/
>> debug_level = 10
>> auth_bind = yes
>> ldap_version = 3
>> base = ou=domains,dc=intra,dc=onnet,dc=ch
>> deref = never
>> scope = subtree
>> user_attrs >>
homeDirectory=home=/var/spool/postfix/virtual/%$,uidNumber=uid,gidNumber=gid,quota=quota_rule=*:bytes=%$
>> user_filter = (&(objectClass=CourierMailAccount)(mail=%u))
>> pass_attrs = mail=user,userPassword=password
>> pass_filter = (&(objectClass=CourierMailAccount)(mail=%u))
>> iterate_attrs = mail=user
>> iterate_filter = (objectClass=CourierMailAccount)
>> default_pass_scheme = CRYPT
>> 
>> root at buserver:/etc/dovecot# cat /var/log/mail.log | grep "Aug 
7 11:17:27"
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: file
>> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.test
>> <http://onnet.ch/test//Maildir/.test> folder 1.sub folder 1
>> 1/dovecot-acl not found
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: reading file
>> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.super/dovecot-acl
>> <http://onnet.ch/test//Maildir/.super/dovecot-acl>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: reading file
>> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.super.hello
>> <http://onnet.ch/test//Maildir/.super.hello> du/dovecot-acl
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: file
>> /var/spool/postfix/virtual/onnet.ch/test//Maildir/.test
>> <http://onnet.ch/test//Maildir/.test> folder 1/dovecot-acl not
found
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: auth client connected
>> (pid=3203)
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: client in:
>>
AUTH#0111#011PLAIN#011service=imap#011session=lkbV3NRyyQDAqDgB#011lip=192.168.56.50#011rip=192.168.56.1#011lport=143#011rport=52169#011resp=dGVzdEBvbm5ldC5jaAB0ZXN0QG9ubmV0LmNoAG5vdmVsbDEyMzQ1Ng=>>
(previous base64 data may contain sensitive data)
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
bind search:
>> base=ou=domains,dc=intra,dc=onnet,dc=ch
>> filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch
>> <mailto:mail=test at onnet.ch>))
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
>> mail=test at onnet.ch <mailto:mail=test at onnet.ch>; mail unused
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
>> mail=test at onnet.ch <mailto:mail=test at onnet.ch>
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: client passdb out:
>> OK#0111#011user=test at onnet.ch <mailto:OK#0111#011user=test at
onnet.ch>
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: master in:
>>
REQUEST#0113718250497#0113203#0111#011089fd1d9e1a2c66586786422f24c51cd#011session_pid=3206#011request_auth_token
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
user search:
>> base=ou=domains,dc=intra,dc=onnet,dc=ch scope=subtree
>> filter=(&(objectClass=CourierMailAccount)(mail=test at onnet.ch
>> <mailto:mail=test at onnet.ch>))
>> fields=homeDirectory,uidNumber,gidNumber,quota
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
>> uidNumber=5000 quota=1073741824 gidNumber=5000
>> homeDirectory=onnet.ch/test/ <http://onnet.ch/test/>;
>> homeDirectory,uidNumber,quota,gidNumber unused
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: ldap(test at onnet.ch
>> <mailto:test at onnet.ch>,192.168.56.1,<lkbV3NRyyQDAqDgB>):
result:
>> uidNumber=5000 quota=1073741824 gidNumber=5000
>> homeDirectory=onnet.ch/test/ <http://onnet.ch/test/>
>> Aug  7 11:17:27 buserver dovecot: auth: Debug: master userdb out:
>> USER#0113718250497#011test at onnet.ch
>> <mailto:USER#0113718250497#011test at
onnet.ch>#011home=/var/spool/postfix/virtual/onnet.ch/test/#011uid=5000#011gid=5000#011quota_rule=*:bytes=1073741824#011auth_token=913bee7c974e18d4527fc38d90457411e7e61201
>>
<http://onnet.ch/test/#011uid=5000#011gid=5000#011quota_rule=*:bytes=1073741824#011auth_token=913bee7c974e18d4527fc38d90457411e7e61201>
>> Aug  7 11:17:27 buserver dovecot: imap-login: Login:
>> user=<test at onnet.ch <mailto:test at onnet.ch>>,
method=PLAIN,
>> rip=192.168.56.1, lip=192.168.56.50, mpid=3206
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Loading modules from
>> directory: /usr/lib/dovecot/modules
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
>> /usr/lib/dovecot/modules/lib01_acl_plugin.so
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
>> /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
>> /usr/lib/dovecot/modules/lib10_quota_plugin.so
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
>> /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Module loaded:
>> /usr/lib/dovecot/modules/lib20_zlib_plugin.so
>> Aug  7 11:17:27 buserver dovecot: imap: Debug: Added userdb setting:
>> plugin/quota_rule=*:bytes=1073741824
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Effective uid=5000, gid=5000,
>> home=/var/spool/postfix/virtual/onnet.ch/test/
<http://onnet.ch/test/>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota root: name=User quota
>> backend=maildir args>> Aug  7 11:17:27 buserver dovecot:
imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
mailbox=*
>> bytes=1073741824 messages=0
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
>> mailbox=INBOX.Trash bytes=+104857600 messages=0
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota rule: root=User quota
>> mailbox=INBOX.Spam ignored
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota warning:
bytes=1020054732 (95%)
>> messages=0 reverse=no command=quota-warning 95 test at onnet.ch
>> <mailto:test at onnet.ch>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Quota grace: root=User quota
>> bytes=107374182 (10%)
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Namespace inbox: type=private,
>> prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
>> location=maildir:~/Maildir
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: maildir++:
>> root=/var/spool/postfix/virtual/onnet.ch/test//Maildir
>> <http://onnet.ch/test//Maildir>, index=, indexpvt=, control=,
>> inbox=/var/spool/postfix/virtual/onnet.ch/test//Maildir
>> <http://onnet.ch/test//Maildir>, alt>> Aug  7 11:17:27
buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: initializing backend with
data: vfile
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: acl username = test at
onnet.ch
>> <mailto:test at onnet.ch>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: owner = 1
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: Global ACLs
disabled
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: Namespace : type=shared,
>> prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children,
>> subscriptions=yes
>>
location=maildir:%h/Maildir:INDEX=/var/spool/postfix/virtual/onnet.ch/test//shared/%u:CONTROL=/var/spool/postfix/virtual/onnet.ch/test//shared/%u
>>
<http://onnet.ch/test//shared/%u:CONTROL=/var/spool/postfix/virtual/onnet.ch/test//shared/%u>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: shared: root=/var/run/dovecot,
index=,
>> indexpvt=, control=, inbox=, alt>> Aug  7 11:17:27 buserver
dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: initializing backend with
data: vfile
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: acl username = test at
onnet.ch
>> <mailto:test at onnet.ch>
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl: owner = 0
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Debug: acl vfile: Global ACLs
disabled
>> Aug  7 11:17:27 buserver dovecot: imap(test at onnet.ch
>> <mailto:test at onnet.ch>): Disconnected: Logged out in=30
out=457
>> 
>> thanks for looking into this
>> 
>>> On 7 Aug 2018, at 10:34, Aki Tuomi <aki.tuomi at dovecot.fi
>>> <mailto:aki.tuomi at dovecot.fi>> wrote:
>>> 
>>> Can you provide your doveconf -n after adding the database *after*
LDAP.
>>> 
>>> You probably need to add 'noauthenticate' as one parameter
after the
>>> userdb ones.
>>> 
>>> Aki
>>> 
>> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180807/d9d98411/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3696 bytes
Desc: not available
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180807/d9d98411/attachment-0001.p7s>

Reasonably Related Threads

Search for more reasonably related threads

dovecot - Aug 2018 - limit sharing ability to certain users

limit sharing ability to certain users

limit sharing ability to certain users

limit sharing ability to certain users

Reasonably Related Threads