Am 04.02.2016 um 20:54 schrieb Timo Sirainen:> On 04 Feb 2016, at 19:41, Thomas M?hle <thomas at bitkomplex.de> wrote: >> >> Am 04.02.2016 um 17:43 schrieb Timo Sirainen: >>> On 04 Feb 2016, at 03:44, Thomas M?hle <thomas at bitkomplex.de> wrote: >>>> >>>> Hello, >>>> >>>> I would like to use the users password within a mail-filter script. >>>> Dovecots %w variable is only available within dovecot-auth, is there any >>>> way to access the password for a mail-filter? >>> >>> Something like this should work in recent versions: >>> >>> passdb { >>> .. >>> override_fields = userdb_pass=%w >>> } >>> >>> plugin { >>> mail_filter = mail-filter %{userdb:pass} >>> } >>> >> >> Thanks for that idea, unfortunately %{ seems to be misinterpreted and >> the mail-filter script recieves the rest of the string "userdb:pass}" as >> a parameter, instead of the password. > > Do you have v2.2.19 or newer? That's required for %{userdb:*} to work. Without that you'd need to override the whole mail_filter in your passdb/userdb.I had v2.2.18 (Ubuntu 15.10) installed, so I updated to v2.2.21 now.>> So, do I get this right? During login the content of dovecots %w >> variable is supposed to be stored in a userdb field, called userdb_pass, >> and the %{x} is supposed to get the content of that field? > > Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. >Unfortunately it still doesn't work. The filter-script does not recieve any data from that variable. I tried replacing the %w with %u, to see, if the filter-script would at least recieve the username then, but that doesn't work, either. So I'm not sure, if %{userdb:pass} isn't read correctly, or if "override_fields = userdb_pass=%w" doesn't set it right.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Feb 2016, Thomas M?hle wrote:> not sure, if %{userdb:pass} isn't read correctly, or if "override_fields > = userdb_pass=%w" doesn't set it right.did you tried some alternate spelling? %{userdb_pass} %{userdb:userdb_pass} %{userdb_userdb_pass} something like this. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrRIOnz1H7kL/d9rAQKAvQf/dwBF4XdgnBzouPAv3xArENgYo8SZefBO Hmn00/eL8ZAJn4ZvLmZUgCgqidNfDQFbnTBSj3PIsQQNFweLUhmlRDwsWca9WKpc uHzuOAnbmGs3EXT+oQK1A3y+gUGkkwtBeCgIjw2IABg8j1GRdz2oXE+sI9xlkjPA AFqMwBNX2k5aeJ91kdTWHihsIlB8YCbsxPTUjl9/GlpzIPkA4DSkg/o0Husnql4+ U4KOBiB3oEooK3YwDuXxnr9Uo7rDC+2Vj1UgHu5UzHq2ZtHeDOsL9kpj8tqPBHmi 9rk92hLwzDr7F/dWTibL5FvPXvC3+yX6UzQShpKYUBPtfLzsjfT8PA==4F04 -----END PGP SIGNATURE-----
> On 05 Feb 2016, at 00:54, Thomas M?hle <thomas at bitkomplex.de> wrote: > >>> So, do I get this right? During login the content of dovecots %w >>> variable is supposed to be stored in a userdb field, called userdb_pass, >>> and the %{x} is supposed to get the content of that field? >> >> Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. >> > > Unfortunately it still doesn't work. The filter-script does not recieve > any data from that variable. > I tried replacing the %w with %u, to see, if the filter-script would at > least recieve the username then, but that doesn't work, either. So I'm > not sure, if %{userdb:pass} isn't read correctly, or if "override_fields > = userdb_pass=%w" doesn't set it right.Check with: doveadm auth login user at domain password In the output there's supposed to be the "pass" field in userdb extra fields. If not, try adding before your first userdb: userdb { driver = prefetch result_success = continue } I don't think that was supposed to be necessary though.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Feb 2016, Thomas M?hle wrote:> Unfortunately it still doesn't work. The filter-script does not recieve > any data from that variable.you did a doveadm auth cache flush to ensure the data is not taken from cache? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrR12nz1H7kL/d9rAQKatwgAx9MobYbSfmW1nJ3GEGJWKhkJSAqDPwSS 7Fln4464QPuxcuD60Tm2TnEjqO4RNjbylYfenfIQ7wAYEE9AtFWGsYBgYegZcpFh 1D9BN24dupq7cAO/sq+tJ2zKhiFYyuuPlT8fJTaAvSaVMVf74ln1cvol/dIM+Pza QoPvnPy06BC7TuGcl5WqsFUiQY8Udho1YfpHMpYJ1hsM4Qh/CwECfHIME+Dt7CqB 6RDf+y+kyU4C2gLEu8SDm795H4FHd06bDlaSA8f2p12/fSsMCtlclEQNZuKccOm5 ThL4lgxnM2fStAKmbUa34FiJJtdoKscsxIvSZSyPCyhOK72sRjgDKQ==nLiS -----END PGP SIGNATURE-----
Am 05.02.2016 um 10:38 schrieb Timo Sirainen:> >> On 05 Feb 2016, at 00:54, Thomas M?hle <thomas at bitkomplex.de> wrote: >> >>>> So, do I get this right? During login the content of dovecots %w >>>> variable is supposed to be stored in a userdb field, called userdb_pass, >>>> and the %{x} is supposed to get the content of that field? >>> >>> Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. >>> >> >> Unfortunately it still doesn't work. The filter-script does not recieve >> any data from that variable. >> I tried replacing the %w with %u, to see, if the filter-script would at >> least recieve the username then, but that doesn't work, either. So I'm >> not sure, if %{userdb:pass} isn't read correctly, or if "override_fields >> = userdb_pass=%w" doesn't set it right. > > Check with: > > doveadm auth login user at domain password > > In the output there's supposed to be the "pass" field in userdb extra fields. If not, try adding before your first userdb: > > userdb { > driver = prefetch > result_success = continue > } > > I don't think that was supposed to be necessary though. >Still nothing. It seems like the extra field doesn't even exist. :/ doveadm auth login thomas at example.com mypassword passdb: thomas at example.com auth succeeded extra fields: user=thomas at example.com home=/var/mail/example.com/thomas mail=maildir:/var/mail/example.com/thomas/mail:LAYOUT=fs quota_rule=*:bytes=0 uid=5000 gid=5000 userdb extra fields: thomas at example.com home=/var/mail/example.com/thomas mail=maildir:/var/mail/example.com/thomas/mail:LAYOUT=fs quota_rule=*:bytes=0 uid=5000 gid=5000