search for: default_login_user

...login { ? chroot = login ? client_limit = 128 ? process_limit = 32 ? process_min_avail = 3 ? service_count = 1 ? user = dovecot ? vsz_limit = 32 M } service pop3 { ? drop_priv_before_exec = no ? process_limit = 128 ? vsz_limit = 256 M } service tcpwrap { ? unix_listener login/tcpwrap { ??? group = $default_login_user ??? mode = 0600 ??? user = $default_login_user ? } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_cipher_list = ALL:!LOW ssl_key = </etc/ssl/private/dovecot.pem userdb { ? driver = passwd } verbose_proctitle = yes protocol imap { ? imap_client_workarounds = delay-newmail tb-extra-mailbox-sep }...

...s_sockets = tcpwrap in /etc/dovecot/dovecot.conf Then everything accessing ports controlled by dovecot (and open by iptables) is blocked. So my question relates to the second part of the configuration examples in the links above: service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } Where does this code get placed (in dovecot.conf or in one of the files in /etc/dovecot/conf.d)? And regarding $default_login_user, it appears in a comment line in /etc/dovecot/conf.d/10-master.conf Should that line be uncommented? Much th...

...s_sockets = tcpwrap in /etc/dovecot/dovecot.conf Then everything accessing ports controlled by dovecot (and open by iptables) is blocked. So my question relates to the second part of the configuration examples in the links above: service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } Where does this code get placed (in dovecot.conf or in one of the files in /etc/dovecot/conf.d)? And regarding $default_login_user, it appears in a comment line in /etc/dovecot/conf.d/10-master.conf Should that line be uncommented? Much th...

Can anyone share the proper config to get wrappers working in dovecot on FreeBSD? The dovecot examples do not seem to work, and I thought perhaps FBSD needs slightly different configs. I've compiled with: -DHAVE_LIBWRAP which I presume is the first step. The example for dovecot.conf in uncommenting: login_access_sockets = tcpwrap merely causes a log error of "imap-login: Error:

hi everybody having I believe sort of plain-vanilla config with section in 10-tcpwrapper.conf as per docs login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } /etc/hosts.deny contains: ALL: given_host and yet dovecot logins IMAP client in whereas other tcpwrapper aware services act as expected what am I missing? regards

It works ! It was THAT easy ! Can you suggest how to replace the hair I pulled out ? :-) On 2016-12-29 5:27 PM, Larry Rosenman wrote: > login_access_sockets = tcpwrap > > service tcpwrap { > unix_listener login/tcpwrap { > group = $default_login_user > mode = 0600 > user = $default_login_user > } > } > > > > On Thu, Dec 29, 2016 at 7:21 PM, Jim Pazarena <dovecot at paz.bz> wrote: > >> I have compiled dovecot2 for FreeBSD with the tcpwrap option. >> >> A tcpwrap binary gets built an...

Hello, I run dovecot-2/Maildir/LDAP user/passdb and would like to be able to deny acess to users who connect from certain domains/IP (google.com for instance since in that case they gave their credentials to a third party). My understanding is that I cannot use some negative form of "allow_nets". The only mechanism I can think of is tcp_wrappers. However, dovecot documentation mention

...o it something like this (not tested - probably needs some additions/changes): # no 993 port for this imap-login service imap-login { inet_listener imaps { port = 0 } } # create a duplicate 993 service service imap-login-ssl { executable = imap-login login-ssl chroot = login user = $default_login_user # add other settings similarly as to service imap-login inet_listener imaps { port = 993 } } # create a separate auth master process for port 993 service auth-ssl { executable = auth -o auth_ssl_require_client_cert=yes # add other settings similarly as to service auth unix_listener...

...username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = vpopmail default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes d...

Hello All, I am trying to execute dovecot by below command /opt/app/dovecot/latest/sbin/dovecot -c /opt/app/dovecot/latest/etc/dovecot/dovecot.conf I am getting below error doveconf: Fatal: Error in configuration file /opt/app/dovecot/latest/etc/dovecot/dovecot.conf: default_login_user doesn't exist: dovenull please guide me to resolve this. Thanks and Regards, Sachin ============================================================================================================================ Disclaimer: This message and the information contained herein is proprietary and...

...auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = dove...

...ogin auth_verbose = yes base_dir = /var/run/dovecot/ director_mail_servers = x.x.x.x director_servers = y.y.y.y disable_plaintext_auth = no mail_debug = yes passdb { ? args = nopassword=y proxy=y ? driver = static } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ??? user = $default_login_user ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0600 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 143 ? } } service pop3-login { ? executable = pop3-login d...

...group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } ssl_cert = </home/ler/letsencrypt-home/lerctr.org/fullchain.cer ssl_cipher_list = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+AESGCM:EECDH:EDH+AESGCM:EDH+aRSA:HIGH:!MEDIU...

...ing is so that FTS indexing can be invoked. And because I don't want it to run any services, I can run it as an unprivileged user, so long as I turn them all off: # We don't want to serve any protocols, so we don't bind to any ports. # We can run everything as me. protocols = default_login_user = dave default_internal_user = dave The only thing is, I keep getting these in var/log/mail.log: anvil: Fatal: chroot(/Users/dave/brew/var/run/dovecot/empty) failed: Operation not permitted master: Error: service(anvil): command startup failed, throttling for 60 secs auth: Error: read(anv...

...h_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_consistent_hashing = no director_doveadm_port = 0 director_flush_socket = director_mail_servers = director_servers = director_user_expire = 15 mins director_user_kick_delay =...

...auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = dovea...

...h_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = no doveadm_allowed_commands = dovead...

...idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } Thanks, J?rgen -- Hochschulrechenzentrum der | Mail: Juergen.Obermann at hrz.uni-giessen.de Justus-Liebig-Universitaet | WWW: http://www.uni-giessen.de/obermann/ Heinrich-Buff-Ring 44 | Tel: 0641-99-13054 (0641-99-13001) D-35392 Giessen, Germany | Fax: 0641-99-130...

...h_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_consistent_hashing = no director_doveadm_port = 0 director_flush_socket = director_mail_servers = director_servers = director_user_expire = 15 mins director_user_kick_delay =...

...} inet_listener sieve_deprecated { port = 2000 } } service stats { unix_listener stats-reader { group = mail mode = 0660 user = } unix_listener stats-writer { group = mail mode = 0660 user = } } service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } ssl_cert = </home/ler/letsencrypt-home/lerctr.org/fullchain.cer ssl_cipher_list = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+AESGCM:EECDH:EDH+AESGCM:EDH+aRSA:HIGH:!MEDIU...