Hi
This is my 1st time here so please be gentle.
I have encountered one problem since upgrading from 2.0.19 to 2.2.9
which has me beat.
The system provides sasl auth services via inet to a postfix 2.11 system.
Since the upgrade postfix complains of no sasl methods available.
The same dovecot configuration is used on both versions.
Now I get these results looking at the inet connection
Version 2.0.19
root at larch:~# telnet 192.168.3.15 12345
Trying 192.168.3.15...
Connected to 192.168.3.15.
Escape character is '^]'.
VERSION 1 1
MECH PLAIN plaintext
MECH LOGIN plaintext
MECH CRAM-MD5 dictionary active
SPID 23223
CUID 1
COOKIE d0b71942d48585303f9ae4681baabf87
DONE
Version 2.2.9
root at larch:~# telnet 192.168.3.112 12345
Trying 192.168.3.112...
Connected to 192.168.3.112.
Escape character is '^]'.
VERSION 1 1
SPID 5300
Seems be something lacking in the response from 2.2.9 that fits the "no
sasl methods" response from postfix
I believe I should supply
root at larchvm:/etc/dovecot-sasl# dovecot -n -c dovecot.conf
# 2.2.9: dovecot.conf
# OS: Linux 3.13.0-88-generic i686 Ubuntu 14.04.4 LTS
auth_mechanisms = plain login cram-md5
auth_verbose_passwords = plain
base_dir = /var/run/dovecot-sasl/
disable_plaintext_auth = no
instance_name = sasl
mail_chroot = /chroot/mail
mail_location = maildir:~/Maildir
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacati
on subaddress comparator-i;ascii-numeric relational regex imap4flags
copy includ
e variables body enotify environment mailbox date ihave
namespace {
inbox = yes
location prefix = INBOX.
type = private
}
passdb {
args = /etc/dovecot-sasl/dovecot-sqlmd5.conf
driver = sql
}
plugin {
deleted_to_trash_folder = Trash
quota = maildir:User quota quota:noenforcing
quota_rule = Trash:ignore
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
service auth {
inet_listener auth-userdb {
address = 192.168.3.112
port = 12345
ssl = yes
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
unix_listener auth-userdb {
mode = 0600
}
}
service imap-login {
inet_listener imap {
address = 213.210.16.65
port = 143
}
inet_listener imaps {
address = 213.210.16.65
port = 993
ssl = yes
}
}
service managesieve-login {
inet_listener sieve {
address = 213.210.16.65
port = 4190
}
}
ssl_cert = </etc/ssl/certs/pe.pem
ssl_key = </etc/ssl/private/pe.pem
userdb {
args = /etc/dovecot-sasl/dovecot-sql.conf
driver = sql
}
protocol imap {
mail_plugins = quota imap_quota deleted_to_trash
}
Any help or suggestion warmly welcomed
> On June 15, 2016 at 1:50 AM Paul <paul at enlund.co.uk> wrote: > > > Hi > This is my 1st time here so please be gentle. > > I have encountered one problem since upgrading from 2.0.19 to 2.2.9 > which has me beat. > The system provides sasl auth services via inet to a postfix 2.11 system. > Since the upgrade postfix complains of no sasl methods available. > The same dovecot configuration is used on both versions. > Now I get these results looking at the inet connection > > Version 2.0.19 > root at larch:~# telnet 192.168.3.15 12345 > Trying 192.168.3.15... > Connected to 192.168.3.15. > Escape character is '^]'. > VERSION 1 1 > MECH PLAIN plaintext > MECH LOGIN plaintext > MECH CRAM-MD5 dictionary active > SPID 23223 > CUID 1 > COOKIE d0b71942d48585303f9ae4681baabf87 > DONE > > Version 2.2.9 > root at larch:~# telnet 192.168.3.112 12345 > Trying 192.168.3.112... > Connected to 192.168.3.112. > Escape character is '^]'. > VERSION 1 1 > SPID 5300 > > Seems be something lacking in the response from 2.2.9 that fits the "no > sasl methods" response from postfix >have you checked doveadm log errors --- Aki Tuomi
Hi On 15/06/2016 09:04, aki.tuomi at dovecot.fi wrote:>> On June 15, 2016 at 1:50 AM Paul <paul at enlund.co.uk> wrote: >> >> >> Hi >> This is my 1st time here so please be gentle. >> >> I have encountered one problem since upgrading from 2.0.19 to 2.2.9 >> which has me beat. >> The system provides sasl auth services via inet to a postfix 2.11 system. >> Since the upgrade postfix complains of no sasl methods available. >> The same dovecot configuration is used on both versions. >> Now I get these results looking at the inet connection >> >> Version 2.0.19 >> root at larch:~# telnet 192.168.3.15 12345 >> Trying 192.168.3.15... >> Connected to 192.168.3.15. >> Escape character is '^]'. >> VERSION 1 1 >> MECH PLAIN plaintext >> MECH LOGIN plaintext >> MECH CRAM-MD5 dictionary active >> SPID 23223 >> CUID 1 >> COOKIE d0b71942d48585303f9ae4681baabf87 >> DONE >> >> Version 2.2.9 >> root at larch:~# telnet 192.168.3.112 12345 >> Trying 192.168.3.112... >> Connected to 192.168.3.112. >> Escape character is '^]'. >> VERSION 1 1 >> SPID 5300 >> >> Seems be something lacking in the response from 2.2.9 that fits the "no >> sasl methods" response from postfix >> > have you checked > > doveadm log errors > > --- > Aki Tuomi >I had not so here they are root at larch:/var/log# doveadm log errors ( no output) root at larch:/var/log# doveadm -D log errors doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin .so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/d oveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() faile d: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbo l: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() fa iled: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this mes sage) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_dove adm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_dove adm_sieve_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() faile d: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbo l: fts_backend_rescan (this is usually intentional, so just ignore this message) A note if I change postfix to use the unix socket defined in the same service auth section that the inet listener is defined in postfix sasl auth works fine. Stiil getting short response to telnet connection to sasl inet port compared to 2.0.19 response Paul
Hi
Sorted....
After reading changelog of latest sources and noting comments about
corrected problems
with inet_listener <name> I made the following change which resolved the
short response
from the sasl inet socket as seen with telnet
inet_listener auth-userdb {
address = 192.168.3.112
port = 12345
ssl = yes
}
to
inet_listener {
address = 192.168.3.112
port = 12345
ssl = yes
}
or
inet_listener auth-inet {
address = 192.168.3.112
port = 12345
ssl = yes
}
seems auth-userdb as a name screws something.
auth sasl over inet socket no working 100% ok
Paul
On 15/06/2016 09:04, aki.tuomi at dovecot.fi wrote:>> On June 15, 2016 at 1:50 AM Paul <paul at enlund.co.uk> wrote:
>>
>>
>> Hi
>> This is my 1st time here so please be gentle.
>>
>> I have encountered one problem since upgrading from 2.0.19 to 2.2.9
>> which has me beat.
>> The system provides sasl auth services via inet to a postfix 2.11
system.
>> Since the upgrade postfix complains of no sasl methods available.
>> The same dovecot configuration is used on both versions.
>> Now I get these results looking at the inet connection
>>
>> Version 2.0.19
>> root at larch:~# telnet 192.168.3.15 12345
>> Trying 192.168.3.15...
>> Connected to 192.168.3.15.
>> Escape character is '^]'.
>> VERSION 1 1
>> MECH PLAIN plaintext
>> MECH LOGIN plaintext
>> MECH CRAM-MD5 dictionary active
>> SPID 23223
>> CUID 1
>> COOKIE d0b71942d48585303f9ae4681baabf87
>> DONE
>>
>> Version 2.2.9
>> root at larch:~# telnet 192.168.3.112 12345
>> Trying 192.168.3.112...
>> Connected to 192.168.3.112.
>> Escape character is '^]'.
>> VERSION 1 1
>> SPID 5300
>>
>> Seems be something lacking in the response from 2.2.9 that fits the
"no
>> sasl methods" response from postfix
>>
> have you checked
>
> doveadm log errors
>
> ---
> Aki Tuomi
>