search for: authdatabase

I had been using the CheckPassword authentication interface with dovecot 2.2.15, https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki page says, Checkpassword Interface Read <username> NUL <password> NUL from fd 3. I've checked the information read from fd 3 with 2.2.33.2 and I get <userna...

...o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s: ^ SyntaxError: invalid syntax --Mark -----Original Message----- From: Mark Foley <mfoley at ohprs.org> Date: Thu, 01 Feb 2018 15:34:15 -0500 Organization: Ohio Highway Patrol Retirement System To: dovecot at dovecot.org Subject: Re: AuthDatabase CheckPassword broken? On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > On 01.02.2018 08:00, Mark Foley wrote: > > I had been using the CheckPassword authentication interface with dovecot 2.2.15, > > https://wiki2.dovecot.org/AuthDatabase/Che...

On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > On 01.02.2018 08:00, Mark Foley wrote: > > I had been using the CheckPassword authentication interface with dovecot 2.2.15, > > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. > > > > After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki page says, > > > > Checkpassword Interface > > > > Read <username> NUL <password> NUL from fd 3. > > > > I'...

On 01.02.2018 08:00, Mark Foley wrote: > I had been using the CheckPassword authentication interface with dovecot 2.2.15, > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. > > After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki page says, > > Checkpassword Interface > > Read <username> NUL <password> NUL from fd 3. > > I've checked the information read from fd...

Is it possible to run a bash script for authentication where a 0 exit code indicates success and a non-zero is failure? What I'm trying to do is create a shadow IMAP server that authenticates against a different server. That way my server will use the same passwords as an existing server. So what I would need is for dovecot to pass the username and password to my script, I attempt to log

Hi, We're running dovecot 1.2.15 and use SQL authentication. We'd like to be able to support APOP, but can't see how this would fit in with SQL auth. Currently we have: password_query = SELECT email as user, password FROM virtual_users WHERE email='%u' or (email LIKE '%n@%%' AND unhashed='%w') It seems that in order to auth APOP logins, we'd need to

Hi, i have to configure different sql-queries for protocol lmtp, another for protocol smtp and one query for other protocols. I have configured in "/etc/dovecot/conf.d/auth-sql.conf.ext" one entry for all protocols and 2 protocol specific entries: protocol lmtp { passdb { driver = sql args = /etc/dovecot/dovecot-lmtp-sql.conf.ext } } protocol smtp { passdb {

I'm interested in using authentication via a UNIX socket as documented at http://wiki2.dovecot.org/AuthDatabase/Dict. (We are currently using a checkpassword script to enable us to authenticate against a django app that stores passwords in pbkdf2 format, but I'm concerned about scalability as we grow - specifically the comment about performance on http://wiki2.dovecot.org/AuthDatabase/CheckPassword). T...

Hi, i would like to know if anybody have implemented the authentication of dovecot against samba4 via secure ldap (SSL/TLS). I made it but in plain text through dovecot?s offical page: http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds http://wiki2.dovecot.org/AuthDatabase/LDAP But when i try to do it in a secure way i can?t make it work. Samba4 is listening by port 636 and dovecot is speaking by 389 or 636, but they can?t comunicate themself. I?m wondering if any of you have done this before or have any clue that...

On 1.10.2019 17.33, David Wells - Alfavinil S.A. via dovecot wrote: > Good morning. > > I was just reading > https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups and found > the following statement >> When using LDA <https://wiki.dovecot.org/LDA> and static userdb, >> deliver can check if destination user exists. With auth binds this >> check isn't possible. > > Is this still relevant? Is there a wor...

Hello- Sorry if this is a noob question, but I cant seem to get my password_query to work with dovecot + mysql. Im using 'Password verification by SQL server' at: http://wiki2.dovecot.org/AuthDatabase/SQL trying to modify it to work with my encrypted passwords in the DB. Im using the following which isnt working: password_query = SELECT NULL AS password, \ 'Y' as nopassword, userid AS user \ FROM users WHERE userid='%u' AND AES_DECRYPT(password, 'mykey')=passwo...

Trying to figure out the syntax to set a mail_location for SQL. This doesn't work: userdb { driver = sql args = /etc/dovecot/master-combined-sql.conf override_fields = mail_location=maildir:/fakedir/%d/%n:INBOX=/fakedir:LAYOUT=fs } Does anyone know the proper syntax? Thanks in advance

http://dovecot.org/releases/2.2/dovecot-2.2.7.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.7.tar.gz.sig * Some usage of passdb checkpassword could have been exploitable by local users. You may need to modify your setup to keep it working. See http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security + auth: Added ability to truncate values logged by auth_verbose_passwords (see 10-logging.conf comment) + mdbox: Added "mdbox_deleted" storage, which can be used to access messages with refcount=0. For example: doveadm import mdbox_deleted:~/mdbox "...

http://dovecot.org/releases/2.2/dovecot-2.2.7.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.7.tar.gz.sig * Some usage of passdb checkpassword could have been exploitable by local users. You may need to modify your setup to keep it working. See http://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security + auth: Added ability to truncate values logged by auth_verbose_passwords (see 10-logging.conf comment) + mdbox: Added "mdbox_deleted" storage, which can be used to access messages with refcount=0. For example: doveadm import mdbox_deleted:~/mdbox "...

...> Thanks! > Best regards, > David Wells. > > > El 02/10/2019 a las 04:29, Aki Tuomi escribi?: >> >> On 1.10.2019 17.33, David Wells - Alfavinil S.A. via dovecot wrote: >>> Good morning. >>> >>> I was just reading https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups <https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups> and found the following statement >>>> When using LDA <https://wiki.dovecot.org/LDA> and static userdb, deliver can check if destination user exists. With auth binds this check isn't possib...

Just happened to be surfing the docs and saw this. This is beyond awesome: https://wiki2.dovecot.org/AuthDatabase/Lua Any words of wisdom on using it? I'd be putting a bunch of mysql logic in it. Any horrible gotchas there? When it says 'blocking', should I assume that means that a auth worker process will *not* accept any new auth lookups until both auth_passdb_lookup() and auth_userdb_lookup() h...

I'm experimenting with checkpassword as an auth method for usedb and passdb (http://wiki2.dovecot.org/AuthDatabase/CheckPassword). I've set up the userdb and passdb *exactly* as the wiki suggests as the "standard way": passdb { driver = checkpassword args = /user/util/bin/checkpassword } userdb { driver = prefetch } I've created a checkpassword program that does receive the correct use...

Hello All, First of all thanks a lot for providing a quality software such as Dovecot. I am having troubles for setting up the config files of OpenBSD's binary package of Dovecot, flavor sieve/mysql. Do you know where some documentation could be found for setting up correctly the .conf (dovecot.conf & dovecot-sql.conf) since it does not even load ("Error in configuration file

...ldap slapd[11729]: conn=1125 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= ldap slapd[11729]: conn=1125 op=2 do_search: invalid dn: "uid=test,ou=,ou=Mail,dc=root,dc=pl" ldap slapd[11729]: conn=1125 op=2 SEARCH RESULT tag=101 err=34 nentries=0 text=invalid DN #v- It seems that LDAP AuthDatabase doesn't change the context when looking up for the target object, to which the alias points. Futhermore, the filter for the target object '(&(objectClass=posixAccount)(uid=test))' was not defined by me anywhere in the configuration file 'dovecot-ldap.ext'. I have tried bo...

We using Dovecot with LDAP. From the beginning, we using GC LDAP query with port 3268 for email accounts. For example, user1 at our-organization.org (in the USA) with "base = dc=our-organization, dc=org" works fine. But refer to this document: https://wiki2.dovecot.org/AuthDatabase/LDAP When we change the LDAP from 3268 to 389 and with TLS, the base should be changed like this: "base = ou=usa, dc=our-organization, dc=org" But if the user (user2) located in United Kingdom (ou=gbr), the user can not login. When we debug with ldapsearch: ldapsearch -ZZ -v -h dc.our...