Hi Christian,
I tried to amend the acl the last time but it kept giving me error
stating "=" was needed. Could you please just help me amend the file
below with where you have the acl plugin appended .
Thanks
Kevin
# Listen addresses.
# - '*' means all available IPv4 addresses.
# - '[::]' means all available IPv6 addresses.
# Listen on all available addresses by default
listen = * [::]
#base_dir = /var/run/dovecot
mail_plugins = quota
# Enable fts fts_solr plugin globally for Solr Full Text Search Indexing
mail_plugins = $mail_plugins fts fts_solr
plugin {
fts = solr
#break-imap-search will use solr for indexing TEXT and BODY searches.
fts_solr = break-imap-search url=http://127.0.0.1:8983/solr/
fts_autoindex = yes
}
# Enabled mail protocols.
protocols = pop3 imap sieve lmtp
# User/group who owns the message files:
mail_uid = 2000
mail_gid = 2000
# Assign uid to virtual users.
first_valid_uid = 2000
last_valid_uid = 2000
# Logging. Reference: http://wiki2.dovecot.org/Logging
log_path = /var/log/dovecot.log
mail_debug = no
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
# Possible values: no, plain, sha1.
auth_verbose_passwords = no
# SSL: Global settings.
# Refer to wiki site for per protocol, ip, server name SSL settings:
# http://wiki2.dovecot.org/SSL/DovecotConfiguration
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
#ssl_ca =</path/to/ca
ssl_cert = </etc/pki/tls/certs/iRedMail.crt
ssl_key = </etc/pki/tls/private/iRedMail.key
# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory.
# Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted
# insecurely.
disable_plaintext_auth = yes
# Allow plain text password per IP address/net
#remote 192.168.0.0/24 {
# disable_plaintext_auth = no
#}
# Mail location and mailbox format.
mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/
# Authentication related settings.
# Append this domain name if client gives empty realm.
auth_default_realm
# Authentication mechanisms.
auth_mechanisms = PLAIN LOGIN
# Limits the number of users that can be logging in at the same time.
# Default is 100.
# Note: this value can be overrided by "process_limit =" in service
protocol.
# e.g.
# protocol imap-login {
# ...
# process_limit = 500
# }
#default_process_limit = 100
service auth {
unix_listener /var/spool/postfix/private/dovecot-auth {
user = postfix
group = postfix
mode = 0666
}
unix_listener auth-master {
user = vmail
group = vmail
mode = 0666
}
unix_listener auth-userdb {
user = vmail
group = vmail
mode = 0660
}
}
# LMTP server (Local Mail Transfer Protocol).
# Reference: http://wiki2.dovecot.org/LMTP
service lmtp {
user = vmail
# For higher volume sites, it may be desirable to increase the number of
# active listener processes. A range of 5 to 20 is probably good for most
# sites.
process_min_avail = 5
# Logging.
# Require 'info_log_path =' in 'protocol lmtp {}' block.
executable = lmtp -L
# Listening on socket file and TCP
unix_listener /var/spool/postfix/private/dovecot-lmtp {
user = postfix
group = postfix
mode = 0600
}
inet_listener lmtp {
#address = 192.168.0.24 127.0.0.1 ::1
port = 24
}
}
# Virtual mail accounts.
userdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
# Master user.
# Master users are able to log in as other users. It's also possible to
# directly log in as any user using a master password, although this isn't
# recommended.
# Reference: http://wiki2.dovecot.org/Authentication/MasterUsers
auth_master_user_separator = *
passdb {
driver = passwd-file
args = /etc/dovecot/dovecot-master-users
master = yes
}
plugin {
auth_socket_path = /var/run/dovecot/auth-master
quota = dict:user::proxy::quotadict
quota_rule = *:storage=1G
#quota_rule2 = *:messages=0
#quota_rule3 = Trash:storage=1G
#quota_rule4 = Junk:ignore
# Quota warning.
# If user suddenly receives a huge mail and the quota jumps from
# 85% to 95%, only the 95% script is executed.
quota_warning = storage=85%% quota-warning 85 %u
quota_warning2 = storage=90%% quota-warning 90 %u
quota_warning3 = storage=95%% quota-warning 95 %u
# Plugin: autocreate. Create and subscribe to default IMAP folders.
autocreate = INBOX
autocreate2 = Sent
autocreate3 = Trash
autocreate4 = Drafts
autocreate5 = Junk
autosubscribe = INBOX
autosubscribe2 = Sent
autosubscribe3 = Trash
autosubscribe4 = Drafts
autosubscribe5 = Junk
# Plugin: expire.
#expire = Trash 7 Trash/* 7 Junk 30
#expire_dict = proxy::expire
# ACL and share folder
acl = vfile
acl_shared_dict = proxy::acl
# By default Dovecot doesn't allow using the IMAP "anyone" or
# "authenticated" identifier, because it would be an easy way to
spam
# other users in the system. If you wish to allow it,
#acl_anyone = allow
# Pigeonhole managesieve service.
# Reference: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
# Per-user sieve settings.
sieve_dir = /%Lh/sieve
sieve = /%Lh/sieve/dovecot.sieve
# Global sieve settings.
sieve_global_dir = /var/vmail/sieve
# Note: if user has personal sieve script, global sieve rules defined in
# sieve_default will be ignored. Please use sieve_before or
# sieve_after instead.
#sieve_default
sieve_before = /var/vmail/sieve/dovecot.sieve
#sieve_after
# The maximum number of redirect actions that can be performed during a
# single script execution. The meaning of 0 differs based on your version.
# For versions v0.3.0 and beyond this means that redirect is prohibited.
# For older versions, however, this means that the number of redirects is
# unlimited, so be careful.
#sieve_max_redirects = 4
}
service quota-warning {
executable = script /usr/local/bin/dovecot-quota-warning.sh
unix_listener quota-warning {
user = vmail
group = vmail
mode = 0660
}
}
service dict {
unix_listener dict {
mode = 0660
user = vmail
group = vmail
}
}
dict {
#expire = db:/var/lib/dovecot/expire/expire.db
quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
acl = mysql:/etc/dovecot/dovecot-share-folder.conf
}
protocol lda {
# Reference: http://wiki2.dovecot.org/LDA
mail_plugins = $mail_plugins sieve autocreate
auth_socket_path = /var/run/dovecot/auth-master
log_path = /var/log/dovecot-sieve.log
lda_mailbox_autocreate = yes
postmaster_address = root
}
protocol lmtp {
# Log file
info_log_path = /var/log/dovecot-lmtp.log
# Plugins
mail_plugins = quota
# Enable fts fts_solr plugin globally for Solr Full Text Search Indexing
mail_plugins = $mail_plugins fts fts_solr
plugin {
fts = solr
#break-imap-search will use solr for indexing TEXT and BODY searches.
fts_solr = break-imap-search url=http://127.0.0.1:8983/solr/
fts_autoindex = yes
}
postmaster_address = postmaster
lmtp_save_to_detail_mailbox = yes
recipient_delimiter = +
}
protocol imap {
mail_plugins = $mail_plugins imap_quota autocreate imap_acl
imap_client_workarounds = tb-extra-mailbox-sep
# Maximum number of IMAP connections allowed for a user from each
IP address.
# NOTE: The username is compared case-sensitively.
# Default is 10.
# Increase it to avoid issue like below:
# "Maximum number of concurrent IMAP connections exceeded"
mail_max_userip_connections = 20
}
protocol pop3 {
mail_plugins = $mail_plugins
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_uidl_format = %08Xu%08Xv
# Maximum number of IMAP connections allowed for a user from each
IP address.
# NOTE: The username is compared case-sensitively.
# Default is 10.
mail_max_userip_connections = 20
}
# Login processes. Refer to Dovecot wiki for more details:
# http://wiki2.dovecot.org/LoginProcess
service imap-login {
service_count = 1
# To avoid startup latency for new client connections, set process_min_avail
# to higher than zero. That many idling processes are always kept around
# waiting for new connections.
#process_min_avail = 0
# number of simultaneous IMAP connections
#process_limit = $default_process_limit
process_limit = 500
# vsz_limit should be fine at its default 64MB value
#vsz_limit = 64M
}
service pop3-login {
service_count = 1
# number of simultaneous POP3 connections
#process_limit = 500
}
namespace {
type = private
separator = /
prefix #location defaults to mail_location.
inbox = yes
}
namespace {
type = shared
separator = /
prefix = Shared/%%u/
location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
# this namespace should handle its own subscriptions or not.
subscriptions = yes
list = children
}
# Public mailboxes.
# Refer to Dovecot wiki page for more details:
# http://wiki2.dovecot.org/SharedMailboxes/Public
#namespace {
# type = public
# separator = /
# prefix = Public/
#
# # CONTROL=: Mark this public folder as read-only mailbox
# # INDEX=: Per-user \Seen flag
# location
maildir:/var/vmail/public/:CONTROL=~/Maildir/public:INDEX=~/Maildir/public
#
# # Allow users to subscribe to the public folders.
# subscriptions = yes
#}
On Sun, Apr 19, 2015 at 3:11 AM, Christian Kivalo <ml+dovecot at valo.at>
wrote:>
>
> Am 18. April 2015 22:05:01 MESZ, schrieb Kevin Laurie <superinterstellar
at gmail.com>:
>>Hello,
>>I have some email authentication error with dovecot.
>>Could someone tell me what is the problem that is indicated below?
>>Is it due to some plugin?
>>
> yes as the log says
>
>>
>>Apr 18 21:56:35 auth-worker(2057): Info: mysql(127.0.0.1): Connected
>>to database vmail
>>Apr 18 21:56:35 imap-login: Info: Login: user=<user at
mydomain.net>,
>>method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=2058, secured,
>>session=<n/0fGAUUgwB/AAAB>
>>Apr 18 21:56:35 imap: Error: Can't load plugin imap_acl_plugin:
Plugin
>>acl must be loaded also (you must set: mail_plugins=$mail_plugins acl)
> you should load the acl plugin... seems the "acl" entry from your
last mail is now missing.
>
> -c