hobie at rumormillnews.com
2011-Aug-25 01:00 UTC
[Dovecot] On IMAP vhost login, only Username being used
Attempting IMAP SSL login on new installation, using Icedove (Debain
Thunderbird variant), login fails. Logs show Dovecot attempting to match
username only, not username with domain name, on Vpopmail user, so of
course no match. Tried with '@' in full username, also with '%'.
What's
missing?
Log shows:
Aug 24 19:30:48 debian dovecot: auth: Debug: client in: CONT<hidden>
Aug 24 19:30:48 debian dovecot: auth: Debug: Loading modules from
directory: /usr/local/lib/dovecot/auth
Aug 24 19:30:48 debian dovecot: auth: Debug: vpopmail(postmaster,[IP
redacted]): lookup user=postmaster domain
Current config:
# 2.0.13: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3
auth_debug = yes
auth_verbose = yes
disable_plaintext_auth = no
first_valid_gid = 89
first_valid_uid = 89
mail_debug = yes
mail_location = maildir:/home/vpopmail/domains/%d/%n/Maildir
maildir_very_dirty_syncs = yes
passdb {
driver = vpopmail
}
protocols = imap pop3
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
args = quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
--hobie
I tried the runtbird.sh script, hoping for more info - all it did was
show that auth is failing. I don't understand why Dovecot is separating
the username from the domain name, and trying to match only on the
username. Seems like there must be a config setting that affects this
and that I'm overlooking. Thanks ahead for any help with this.
--hobie
hobie wrote earlier:
====
Attempting IMAP SSL login on new installation, using Icedove (Debain
Thunderbird variant), login fails. Logs show Dovecot attempting to match
username only, not username with domain name, on Vpopmail user, so of
course no match. Tried with '@' in full username, also with '%'.
What's
missing?
Log shows:
Aug 24 19:30:48 debian dovecot: auth: Debug: client in: CONT<hidden>
Aug 24 19:30:48 debian dovecot: auth: Debug: Loading modules from
directory: /usr/local/lib/dovecot/auth
Aug 24 19:30:48 debian dovecot: auth: Debug: vpopmail(postmaster,[IP
redacted]): lookup user=postmaster domain
Current config:
# 2.0.13: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3
auth_debug = yes
auth_verbose = yes
disable_plaintext_auth = no
first_valid_gid = 89
first_valid_uid = 89
mail_debug = yes
mail_location = maildir:/home/vpopmail/domains/%d/%n/Maildir
maildir_very_dirty_syncs = yes
passdb {
driver = vpopmail
}
protocols = imap pop3
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
args = quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
--hobie
=====
hobie at rumormillnews.com
2011-Aug-26 04:28 UTC
[Dovecot] On IMAP vhost login, only Username being used
Recapping: I'm working to set up Dovecot 2.0.13 along with some additional software (qmail, vpopmail, squirrelmail). It's working fine with squirrelmail now, but trying to connect over SSL with a Thunderbird variant and using IMAP, authentication fails because Dovecot is trying to match only the front part of the name (the user part), ignoring the domain name part of what it's being sent. So, instead of seeking to match virtual user: joe_blow at some_domain.com ...it's trying to match: joe_blow ...and failing, since joe_blow is not a system user but is a virtual host user. With Squirrelmail, connecting from localhost via non-SSL IMAP, the match is handled correctly, no problem. I've run the runtbird.sh script but no light was shed on this by the resulting output, all it said was that authentication was failing. Has anyone else encountered this problem? Any suggestions on how to fix it or where to look for additional info? Thanks kindly. --hobie> I tried the runtbird.sh script, hoping for more info - all it did wasshow that auth is failing. I don't understand why Dovecot is separating the username from the domain name, and trying to match only on the username. Seems like there must be a config setting that affects this and that I'm overlooking. Thanks ahead for any help with this.> > --hobie > > hobie wrote earlier: > > ====> > Attempting IMAP SSL login on new installation, using Icedove (DebainThunderbird variant), login fails. Logs show Dovecot attempting to match username only, not username with domain name, on Vpopmail user, so of course no match. Tried with '@' in full username, also with '%'. What's missing?> > Log shows: > > Aug 24 19:30:48 debian dovecot: auth: Debug: client in: CONT<hidden> Aug24 19:30:48 debian dovecot: auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth> Aug 24 19:30:48 debian dovecot: auth: Debug: vpopmail(postmaster,[IPredacted]): lookup user=postmaster domain>> Current config: > > # 2.0.13: /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > auth_debug = yes > auth_verbose = yes > disable_plaintext_auth = no > first_valid_gid = 89 > first_valid_uid = 89 > mail_debug = yes > mail_location = maildir:/home/vpopmail/domains/%d/%n/Maildir > maildir_very_dirty_syncs = yes > passdb { > driver = vpopmail > } > protocols = imap pop3 > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > userdb { > args = quota_template=quota_rule=*:backend=%q > driver = vpopmail > } > > --hobie > > ====>
hobie at rumormillnews.com
2011-Aug-26 20:05 UTC
[Dovecot] On IMAP vhost login, only Username being used
Found it. :) Not a dovecot problem but a field in Icedove (Thunderbird variant) that had been automatically filled in by the software "to serve you better". It's on the Server Settings page as "User Name". "Never mind..." :) --hobie> Recapping: I'm working to set up Dovecot 2.0.13 along with someadditional software (qmail, vpopmail, squirrelmail). It's working fine with squirrelmail now, but trying to connect over SSL with a Thunderbird variant and using IMAP, authentication fails because Dovecot is trying to match only the front part of the name (the user part), ignoring the domain name part of what it's being sent. So, instead of seeking to match virtual user:> > joe_blow at some_domain.com > > ...it's trying to match: > > joe_blow > > ...and failing, since joe_blow is not a system user but is a virtualhost user. With Squirrelmail, connecting from localhost via non-SSL IMAP, the match is handled correctly, no problem. I've run the runtbird.sh script but no light was shed on this by the resulting output, all it said was that authentication was failing.> > Has anyone else encountered this problem? Any suggestions on how to fixit or where to look for additional info? Thanks kindly.> > --hobie > >> I tried the runtbird.sh script, hoping for more info - all it did was > show that auth is failing. I don't understand why Dovecot is separatingthe username from the domain name, and trying to match only on the username. Seems like there must be a config setting that affects this and that I'm overlooking. Thanks ahead for any help with this.>> >> --hobie >> >> hobie wrote earlier: >> >> ====>> >> Attempting IMAP SSL login on new installation, using Icedove (Debain > Thunderbird variant), login fails. Logs show Dovecot attempting tomatch username only, not username with domain name, on Vpopmail user, so of course no match. Tried with '@' in full username, also with '%'. What's missing?>> >> Log shows: >> >> Aug 24 19:30:48 debian dovecot: auth: Debug: client in: CONT<hidden> Aug > 24 19:30:48 debian dovecot: auth: Debug: Loading modules from directory:/usr/local/lib/dovecot/auth>> Aug 24 19:30:48 debian dovecot: auth: Debug: vpopmail(postmaster,[IP > redacted]): lookup user=postmaster domain>> >> Current config: >> >> # 2.0.13: /usr/local/etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 >> auth_debug = yes >> auth_verbose = yes >> disable_plaintext_auth = no >> first_valid_gid = 89 >> first_valid_uid = 89 >> mail_debug = yes >> mail_location = maildir:/home/vpopmail/domains/%d/%n/Maildir >> maildir_very_dirty_syncs = yes >> passdb { >> driver = vpopmail >> } >> protocols = imap pop3 >> ssl_cert = </etc/ssl/certs/dovecot.pem >> ssl_key = </etc/ssl/private/dovecot.pem >> userdb { >> args = quota_template=quota_rule=*:backend=%q >> driver = vpopmail >> } >> >> --hobie >> >> ====>> > > > > > > >