search for: auth_default_realm

...As far as I see, it's not possible as postfix only passes the base64 encoded string from the user to the dovecot auth service (as I'm using dovecot for sasl authentication). We're talking about PLAIN and LOGIN methods. In the other hand, dovecot is happily append "realm" with auth_default_realm. It works (which does not with postfix) but again: I need more defaults. I wouldn't like to run multiple instances of dovecot (just for having a single setting be different), so I've tried similar solutions: service auth { unix_listener /var/spool/postfix/private/auth-dom1 { group =...

We provide POP3 service for several realms, each of which has a substantial number of users logging in with no realm (bare username). We would like to use Dovecot, but I haven't been able to findout how to vary auth_default_realm for each listener. My most recent attempt was to set up one auth {} block for each realm with a different auth_default_realm and socket master path. I then set up one protocol pop3 {} block for each realm, listening on different IP addresses and with a auth_socket_path corresponding to the auth bl...

Hi, Just writing here my note about auth_default_realm, pam_krb5 and gssapi. It seems that 'pam' passdb and 'gssapi' auth_mechanism doesn't honor 'auth_default_realm' setting, at least in several setups I deal with. Here is a part of the config: passdb { args = max_requests=100 cache_key=%u%r dovecot driver = pam }...

Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the user does include the do...

Hello, My dovecot server (2.0.18 on FreeBSD 9) has multiple interface. I would like to configure the authentication (pop and imap) to append different domain according to the local IP address. I've tested this: local 10.0.0.1 { auth_default_realm = domain1.com } local 10.0.0.2 { auth_default_realm = domain2.com } But it doesn't work. I get this error message: doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/dovecot.conf line 58: Auth settings not supported inside local/remote blocks: auth_default_realm -- Step...

Gedalya-san I have a question. Currently, there are thousands of users. (In multi-domain) The setting of "auth_default_realm = example.co.jp" is Is it possible to set without affecting the current user? Thank you. -----Original Message----- From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of ????? Sent: Wednesday, October 28, 2020 4:16 PM To: 'Gedalya' <gedalya at gedalya.net>; dovecot...

On 10/28/20 12:19 PM, ?? ?? wrote: > <abc-xyz-unyo-sekkei>" > "Recipient address rejected: User unknown in local recipient table" If abc-xyz-unyo-sekkei is supposed to be abc-xyz-unyo-sekkei at example.co.jp then you could try to set in dovecot configuration: auth_default_realm = example.co.jp Then %u will contain the domain part too. Otherwise, you could try to configure postfix to qualify unqualified addresses with the appropriate domain. Finally, you could just prohibit users from authenticating with an unqualified username (without a domain).

The dovecot instance set up with auth_realms and auth_default_realm variables and it is working well. In saslauthd configurations setting same variables giving configuration parsing error (I think it is not right way to configure kerberos realm in saslauthd). However testsaslauthd working without any problems even if I don't specify realm parameter from co...

Hi friends, i have a question. I have a running dovecot install on my server and a lot of virtual domains. It works great. The users are logging in with user at domain.tld but one old domain must be logged in with only the username only (without @domain.tld). My problem is that in this case the mailbox_localtion don't work. For example: > mail_location =

...at a ssh mx2.a doveadm -u user1 at a mx1.a$ doveadm -Dv sync -u user1 at a user1 at a The only thing that happens is that the on each machine the folders get doubled with some random extension (eg. Inbox becomes Inbox_3e3ff3g3gb3bb3b22). Also, another bug, if there is a domain setup as default (auth_default_realm) dsync simply ignores the specified -u <user> and attempts to sync the first email in the default domain. Please advise. # 2.1.1: /etc/dovecot/dovecot/dovecot.conf # OS: Linux 2.6.38-b i686 Slackware 13.0.0.0.0 auth_debug = yes auth_debug_passwords = yes auth_default_realm = a first_valid_g...

I'v set the default_mail_env to maildir:/var/maildir/%d/%u where /var/maildir/ is the root dorectory for my maildir tree and I'm getting the folowing error in the maillog : Jan 3 15:16:58 websrv pop3(roi): unlink(/var/maildir//roi/cur/new:2,T) failed: Is a directory Notice that the %d is missing. If I change to 'default_mail_env = maildir:/var/maildir/example.tld/%u' then

...> when they login as <user>? > > Dovecot is very configurable, but it can also take some time, effort and testing to get the configuration you want. Personally I don't mix user types since it takes out an element of complexity. For your case you might find it useful to look into auth_default_realm that can specify a domain name when one is not supplied. https://wiki2.dovecot.org/DomainLost Other things that might be useful: there is a method for returning a "user" field from the userdb query or passdb query which will change the username. Or there is another setting that can ove...

Hello I just finished setting up FreeIPA with Dovecot + Postfix + Saslauthd. I can easily access to mails using imap via dovecot with gssapi authentication and postfix also delivering mails very well. But I cannot send email from postfix using gssapi authentication (plain and login authentication working fine) because saslauthd is not specifying realm when requesting service from freeipa domain.

...May 14 15:33:42 ohio dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<user at example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Here's a doveconf -n: # 2.0.12: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.3-linode32 i686 CentOS release 5.6 (Final) ext3 auth_default_realm = domain.com auth_mechanisms = plain login base_dir = /var/run/dovecot/ disable_plaintext_auth = no listen = * mail_location = maildir:/var/spool/mail/vhosts/%d/%u maildir_very_dirty_syncs = yes mbox_write_locks = fcntl passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver =...

...expands to the local IP address "almost everywhere". If that's available in the userdb SQL expansion, I could write a (somewhat convoluted) SQL statement that adds a domain based on the local IP. Does that sound like it'll work? Not quite as "elegant" as just setting auth_default_realm in separate listeners, but should work I guess. -- Chris Adams <cma at cmadams.net>

...ate with a username only, without a domain. The only effect is to add the domain name to the username. You could perhaps test, by logging in as just "user" and then as "user at example.co.jp" and make sure everything behaves the same. If everything behaves the same, then setting auth_default_realm should not do any harm. In other words, the question is: does any functionality actually depend on having a username without a domain. On 10/29/20 8:18 AM, ?? ?? wrote: > Gedalya-san > > I have a question. > Currently, there are thousands of users. (In multi-domain) > The setting of...

Hello, I'm setting up a test server to work through the issues involved in bringing a bunch of vpopmail/qmail/courier users into a postfix/dovecot server. So far I'm seeing lots of info to aid in the transition. One thing I'm lost on is that since Dovecot is providing all the auth mechanisms rather than vpopmail, I'm not sure how to emulate a particular vpopmail behavior we

Hi all! I want create a large IMAP server setup where dovecot is listening on multiple interfaces and needs a different default realm on each interface. I'm using dovecot 2.0.5 on FreeBSD9 and authenticate against a LDAP database. I found an old mail thread from 2007 that said I'm basically screwed. Has that change since than? Is there any way to use different default realms per listener?

I'm working on migrating to Dovecot. At the moment, I have a mail path that includes the domain, so I'm using %d to get that. However, if users authenticate without specifying a domain (i.e. using "bob" instead of "bob at wiktel.com"), then %d expands to nothing. I'd like to have that expand to a default domain (wiktel.com) instead. Is that possible? Thanks,

...set of domains, and ntlm authentication for one domain? In other words, I would like to authenticate all users (with user at domain.com as login) in SQL server, and if not found, then strip @windomain.com from login and fallback to pam->winbind authentication. So far i have in my dovecot.conf: auth_default_realm = windomain.com mechanisms = plain passdb sql { args = /etc/dovecot/dovecot-sql.conf } passdb pam { } passdb passwd { } userdb sql { args = /etc/dovecot/dovecot-sql.conf } userdb passwd { } userdb prefetch { } in pam.d/dovecot : auth required pam_nologin.so auth include...