I receive a local mail when I do a 'mail test' on a backend svr1 with
this[0] configuration. However when I just add only one configuration
change 'lmtp_proxy = yes' I am getting these errors[1]. I would expect
this email to still be delivered locally, should this be working or do I
misunderstand the lmtp proxy functionality?
[0]
passdb {
args auth_verbose = default
default_fields = proxy=y host=svr1
deny = no
driver = pam
[1]
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=, index=,
indexpvt=, control=, inbox=, altDec 15 23:28:48 svr1 dovecot: lmtp(9270):
Connect from local
Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in:
PASS#0111#011test#011service=lmtp
Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb doesn't
support credential lookups
Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out:
FAIL#0111#011reason=Configured passdbs don't support credentials lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth PASS
lookup returned temporary failure: reason=Configured passdbs don't
support credentials lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input:
reason=Configured passdbs don't support credentials lookups
dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64
dovecot-2.2.36-3.el7_7.1.x86_64
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 15/12/2019 23:09 Marc Roos <
<a
href="mailto:m.roos@f1-outsourcing.eu">m.roos@f1-outsourcing.eu</a>>
wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
I receive a local mail when I do a 'mail test' on a backend svr1
with
</div>
<div>
this[0] configuration. However when I just add only one configuration
</div>
<div>
change 'lmtp_proxy = yes' I am getting these errors[1]. I would
expect
</div>
<div>
this email to still be delivered locally, should this be working or do I
</div>
<div>
misunderstand the lmtp proxy functionality?
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
[0]
</div>
<div>
passdb {
</div>
<div>
args </div>
<div>
auth_verbose = default
</div>
<div>
default_fields = proxy=y host=svr1
</div>
<div>
deny = no
</div>
<div>
driver = pam
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
[1]
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=, index=,
</div>
<div>
indexpvt=, control=, inbox=, alt </div>
<div>
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Connect from local
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in:
</div>
<div>
PASS#0111#011test#011service=lmtp
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb doesn't
</div>
<div>
support credential lookups
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out:
</div>
<div>
FAIL#0111#011reason=Configured passdbs don't support credentials lookups
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth PASS
</div>
<div>
lookup returned temporary failure: reason=Configured passdbs don't
</div>
<div>
support credentials lookups
</div>
<div>
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input:
</div>
<div>
reason=Configured passdbs don't support credentials lookups
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64
</div>
<div>
dovecot-2.2.36-3.el7_7.1.x86_64
</div>
</blockquote>
<div>
<br>
</div>
<div>
PAM does not support looking up users, so you cannot use it for LMTP
proxying. Try adding
</div>
<div>
<br>
</div>
<div>
passdb {
</div>
<div>
driver = passwd
</div>
<div>
skip = authenticated
</div>
<div>
}
</div>
<div>
<br>
</div>
<div>
after PAM block.
</div>
<div class="io-ox-signature">
<pre>---
Aki Tuomi</pre>
</div>
</body>
</html>
I added this:
passdb {
driver = passwd
skip = authenticated
}
Which enables indeed local delivery, I also noticed this. Maybe the
password field check shoud not be done, when you enable skip
authentication?
Dec 16 10:26:37 svr1 dovecot: auth-worker(12046): Debug: passwd(test):
lookup
Dec 16 10:26:37 svr1 dovecot: auth-worker(12046): passwd(test): invalid
password field '*'
-----Original Message-----
From: Aki Tuomi [mailto:aki.tuomi at open-xchange.com]
Sent: 16 December 2019 06:22
To: Marc Roos; dovecot
Subject: Re: Local lmtp proxy on backend server
On 15/12/2019 23:09 Marc Roos < m.roos at f1-outsourcing.eu> wrote:
I receive a local mail when I do a 'mail test' on a backend svr1
with
this[0] configuration. However when I just add only one
configuration
change 'lmtp_proxy = yes' I am getting these errors[1]. I would
expect
this email to still be delivered locally, should this be working or
do I
misunderstand the lmtp proxy functionality?
[0]
passdb {
args =
auth_verbose = default
default_fields = proxy=y host=svr1
deny = no
driver = pam
[1]
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=,
index=,
indexpvt=, control=, inbox=, alt=
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Connect from local
Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in:
PASS#0111#011test#011service=lmtp
Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb
doesn't
support credential lookups
Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out:
FAIL#0111#011reason=Configured passdbs don't support credentials
lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth
PASS
lookup returned temporary failure: reason=Configured passdbs don't
support credentials lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input:
reason=Configured passdbs don't support credentials lookups
dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64
dovecot-2.2.36-3.el7_7.1.x86_64
PAM does not support looking up users, so you cannot use it for LMTP
proxying. Try adding
passdb {
driver = passwd
skip = authenticated
}
after PAM block.
---
Aki Tuomi
Hi Aki,
If I adapt this configuration on svr1 like this[0], should the mail not
be delivered at svr2
passdb {
driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes]
[max_requests=<n>]
# [cache_key=<key>] [<service name>]
#args = dovecot
default_fields = proxy=y host=svr2
}
passdb {
driver = passwd
skip = authenticated
default_fields = proxy=y host=svr2
}
-----Original Message-----
From: Aki Tuomi [mailto:aki.tuomi at open-xchange.com]
Sent: 16 December 2019 06:22
To: Marc Roos; dovecot
Subject: Re: Local lmtp proxy on backend server
On 15/12/2019 23:09 Marc Roos < m.roos at f1-outsourcing.eu> wrote:
I receive a local mail when I do a 'mail test' on a backend svr1
with
this[0] configuration. However when I just add only one
configuration
change 'lmtp_proxy = yes' I am getting these errors[1]. I would
expect
this email to still be delivered locally, should this be working or
do I
misunderstand the lmtp proxy functionality?
[0]
passdb {
args =
auth_verbose = default
default_fields = proxy=y host=svr1
deny = no
driver = pam
[1]
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: none: root=,
index=,
indexpvt=, control=, inbox=, alt=
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Connect from local
Dec 15 23:28:48 svr1 dovecot: auth: Debug: master in:
PASS#0111#011test#011service=lmtp
Dec 15 23:28:48 svr1 dovecot: auth: Debug: pam(test): passdb
doesn't
support credential lookups
Dec 15 23:28:48 svr1 dovecot: auth: Debug: passdb out:
FAIL#0111#011reason=Configured passdbs don't support credentials
lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: user test: Auth
PASS
lookup returned temporary failure: reason=Configured passdbs don't
support credentials lookups
Dec 15 23:28:48 svr1 dovecot: lmtp(9270): Debug: auth PASS input:
reason=Configured passdbs don't support credentials lookups
dovecot-pigeonhole-2.2.36-3.el7_7.1.x86_64
dovecot-2.2.36-3.el7_7.1.x86_64
PAM does not support looking up users, so you cannot use it for LMTP
proxying. Try adding
passdb {
driver = passwd
skip = authenticated
}
after PAM block.
---
Aki Tuomi