dovecot - Apr 2006 - Just setup Dovecot and having a small problem.

I've just installed Dovecot and am running into a bit of a problem with it.
I'm using virtual email accounts and everything seems to be working up to a
certain point. Let me break down how the server is setup.

Each domain belongs under the directory /mail so it's path is basically:
/mail/domain.tld. Within each domain directory there are two sub-directories
etc and mail. Under /mail/domain.tld/etc I have two files setup aliases and
passwd, the aliases file handles all mail aliasing for that domain and the
passwd file holds the users account name and password. The password file has
the accounts stored in the following format:

user at domain.tld:(encrypted password):500:500:Virtual
User:/mail/domain.tld/mail/user:/dev/null

The password enctryption is basically htpasswd() style encryption. Now the
problem I'm having is I keep getting authentication errors when I try to
login via POP3 (I'm testing via command line so I do `telnet localhost
110`). At first I had only auth_debug_passwords=yes set and I was seeing
this in the log file:

Apr 23 18:54:19 www dovecot: auth(default): client in:
AUTH^I1^IPLAIN^Iservice=POP3^Isecured^Ilip127.0.0.1^Irip=127.0.0.1^Iresp=AHRvbUBkZXRyb2l0b25saW5lLmNvbQBuZXdiZXJn
Apr 23 18:54:19 www dovecot: auth(default): pam(user at domain.tld,127.0.0.1):
pam_authenticate() failed: Authentication failure
Apr 23 18:54:19 www dovecot: auth(default): passwd-file
/mail/domain.tld/etc/passwd: Read 1 users
Apr 23 18:54:19 www dovecot: auth(default): passwd-file(user at domain.tld,
127.0.0.1): unknown user
Apr 23 18:54:20 www dovecot: auth(default): client out: FAIL^I1^Iuseruser at
domain.tld

So I can see it's reading the proper password file but it claims that user
doesn't exist, however, that user does exist. When I turn on
auth_verbose=yes and I'm still seeing the same errors in the log file.

Can someone tell me what I'm missing here? I'm really on a time crunch
with
this, our mail server died friday morning and it's been put on me to fix it.
They insist I use UW IMAP but I can't get it to work with the vitrtual users
like the previous guy did. I've used Dovecot before but it's been two
years
and I can't remember how I got everything working before. They want things
back to normal by Monday morning (tomorrow) so now I'm a bit stressed since
I've lost most my weekend rebuilding the server and users.

Any help would be appreciated. I thought I had this setup just right but I
just can't get passed it telling me the user doesn't exsist.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060423/007a2df0/attachment-0001.html>

On 4/23/06, Angel Pavlov <angel at coffeejob.com>
wrote:
>
> Tom Ray wrote:
>
> I've just installed Dovecot and am running into a bit of a problem with
> it. I'm using virtual email accounts and everything seems to be working
up
> to a certain point. Let me break down how the server is setup.
>
> Each domain belongs under the directory /mail so it's path is
basically:
> /mail/domain.tld. Within each domain directory there are two
sub-directories
> etc and mail. Under /mail/domain.tld/etc I have two files setup aliases and
> passwd, the aliases file handles all mail aliasing for that domain and the
> passwd file holds the users account name and password. The password file
has
> the accounts stored in the following format:
>
> user at domain.tld:(encrypted <user at
domain.tld:%28encrypted>password):500:500:Virtual
User:/mail/domain.tld/mail/user:/dev/null
>
> The password enctryption is basically htpasswd() style encryption. Now the
> problem I'm having is I keep getting authentication errors when I try
to
> login via POP3 (I'm testing via command line so I do `telnet localhost
> 110`). At first I had only auth_debug_passwords=yes set and I was seeing
> this in the log file:
>
> Apr 23 18:54:19 www dovecot: auth(default): client in:
> AUTH^I1^IPLAIN^Iservice=POP3^Isecured^Ilip>
127.0.0.1^Irip=127.0.0.1^Iresp=AHRvbUBkZXRyb2l0b25saW5lLmNvbQBuZXdiZXJn
> Apr 23 18:54:19 www dovecot: auth(default): pam(user at
domain.tld,127.0.0.1):
> pam_authenticate() failed: Authentication failure
> Apr 23 18:54:19 www dovecot: auth(default): passwd-file
> /mail/domain.tld/etc/passwd: Read 1 users
> Apr 23 18:54:19 www dovecot: auth(default): passwd-file(user at domain.tld,
> 127.0.0.1): unknown user
> Apr 23 18:54:20 www dovecot: auth(default): client out: FAIL^I1^Iuser>
user at domain.tld
>
> So I can see it's reading the proper password file but it claims that
user
> doesn't exist, however, that user does exist. When I turn on
> auth_verbose=yes and I'm still seeing the same errors in the log file.
>
> Can someone tell me what I'm missing here? I'm really on a time
crunch
> with this, our mail server died friday morning and it's been put on me
to
> fix it. They insist I use UW IMAP but I can't get it to work with the
> vitrtual users like the previous guy did. I've used Dovecot before but
it's
> been two years and I can't remember how I got everything working
before.
> They want things back to normal by Monday morning (tomorrow) so now I'm
a
> bit stressed since I've lost most my weekend rebuilding the server and
> users.
>
> Any help would be appreciated. I thought I had this setup just right but I
> just can't get passed it telling me the user doesn't exsist.
>
>
>  try :
>
> 1. htpasswd file formated : user at domain.tld:(encrypted<user at
domain.tld:%28encrypted>password)
> 2. Without PAM
>
> good luck !
>
> Angel
>

I'm still getting told that the user doesn't exist. It's loading the
proper
password file, but it just doesn't see the user...it should be parsing it
right correct?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060423/71788f78/attachment-0001.html>

On Sun, 2006-04-23 at 19:12 -0400, Tom Ray wrote:
> Apr 23 18:54:19 www dovecot: auth(default):
> pam(user at domain.tld,127.0.0.1): pam_authenticate() failed:
> Authentication failure
If you're authenticating from passwd-file, you probably should remove
passdb pam from the config file?
> Apr 23 18:54:19 www dovecot: auth(default):
> passwd-file /mail/domain.tld/etc/passwd: Read 1 users
> Apr 23 18:54:19 www dovecot: auth(default):
> passwd-file(user at domain.tld,127.0.0.1): unknown user
> Apr 23 18:54:20 www dovecot: auth(default): client out:
> FAIL^I1^Iuser=user at domain.tld
I'm guessing you've configured it like:

passdb passwd-file {
  args = /mail/%d/etc/passwd
}

In which case Dovecot expects the users to be in the passwd file without
their domains. Use %.0d (or was it %0.d) instead of %d and it should
work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060424/5b2f4e32/attachment.bin>