search for: last_valid_gid

On Thu, Oct 11, 2018 at 10:55:39AM +0300, Aki Tuomi wrote: > Maybe. Have to see when we can implement it though. It could probably > leverage the min/max_gid setting. Actually that was a great hint. Setting last_valid_gid = 100 in the config and restarting helped. Having a filter-list instead of fixed upper/lower bounds would be more flexible. I guess though that in reality most systems/setups have ranges for different kinds of groups, so that the first/last_valid_gid could be applied. Thanks Heiko

...ero_gid == FALSE && uid != 0 && gid == 0) { i_error("mail process isn't allowed to be in group 0"); return FALSE; } @@ -38,8 +38,9 @@ static int validate_uid_gid(uid_t uid, g return FALSE; } - if (gid < (gid_t)set->first_valid_gid || - (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid)) { + if (set->allow_zero_gid == FALSE && + (gid < (gid_t)set->first_valid_gid || + (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid))) { i_error("mail process isn't allowed to...

...s somebody know the workaround I have some users, who are able to log in to dovecot but others not.... even the failpermissions in directories are same. Also mbox folder is excatly same mail Some settings in /etc/dovecot.conf first_valid_uid = 500 last_valid_uid = 1500 first_valid_gid = 500 last_valid_gid = 515 default_mail_env = mbox:~/mail:INBOX=/var/spool/mail/%u So the "someuser" is able to log in but "testuser" not log from testuser logging in somehost imap-login: Login: testuser [193.x.x.x] somehost dovecot: chdir(/home/guest/testuser) failed with uid 893: Permission...

Hi all, I have next settings in .conf file ... # # Login user for SQL-based virtual users # login_user = dovecot first_valid_uid = 100 first_valid_gid = 100 ... System user dovecot has UID/GID = 101/101. But every time when user logins I see in log file Oct 29 15:51:25 orion dovecot: Logins with login process UID 101 (user elnino) not permitted (see login_user in config file). Oct 29

...e has experiences concering dovecot connecting to samba4 ?? I tried the following: /etc/dovecot.conf: protocols = imap sieve mail_location = maildir:/data/mail/%d/%n/Maildir mail_access_groups = vmail mail_privileged_group = vmail first_valid_uid = 110 last_valid_uid = 110 first_valid_gid = 115 last_valid_gid = 115 log_path = /var/log/dovecot log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = Welcome to domain.local. service imap { inet_listener { port=143 } } protocol lda { log_path = /var/log/mail/dovecot-deliver.log auth_socket_path = /var/run/dovecot/auth-master...

On Thu, Oct 11, 2018 at 09:51:34AM +0300, Aki Tuomi wrote: > > Looking at the source, I see this is handled in > > src/lib/restrict-access.c::fix_groups_list(), > > where above the call to setgroups() a gid_list2 is constructed. I > > wonder if one could > > have a config option to prevent adding all those extra groups, which > > then make the > > call to

...Error: Error in configuration file /etc/dovecot.conf line 16: Unknown setting: passdb My dovcot.conf file: protocols = imap pop3 login_dir = /var/run/dovecot/login login_chroot = yes disable_plaintext_auth = no login_user = dovecot first_valid_uid = 101 last_valid_uid = 101 first_valid_gid = 101 last_valid_gid = 101 valid_chroot_dirs =/home/vmail/domains default_mail_env = maildir:/home/vmail/domains/%d/%n auth = default auth_mechanisms = plain auth_userdb = ldap /etc/dovecot-ldap.conf auth_pass = ldap /etc/dovecot-ldap.conf auth_executable = /usr/libexec/dovecot/dovecot-auth auth_user = dovecot-auth It...

...ter. In this version of patchset, I have intentionally removed the following chunk of change which by default allows gid=0 users to log in. %%% @@ -333,6 +338,7 @@ ~ # belongs to supplementary groups with non-valid GIDs, those groups are ~ # not set. ~ #first_valid_gid = 1 +first_valid_gid = 0 ~ #last_valid_gid = 0 ~ # Maximum number of running mail processes. When this limit is reached, %%% Please let me know if you want more features, have comments, etc., for the FreeBSD port. I am subscribed to this list but I would appreciate if you could use 'Reply all' which will give me more opportunity...

...h: /var/log/dovecot/dovecot-info.log protocols: imap imaps listen: *:143 ssl_listen: *:993 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login login_greeting_capability: yes valid_chroot_dirs: /var/mail first_valid_uid: 5000 last_valid_uid: 5000 first_valid_gid: 5000 last_valid_gid: 5000 mail_access_groups: mail mail_location: maildir:~/Maildir mail_debug: yes maildir_copy_preserve_filename: yes imap_client_workarounds: outlook-idle auth default: mechanisms: plain login CRAM-MD5 default_realm: example.com master_user_separator: * verbose: yes debug: yes debu...

...ndly: this configuration on the old server (1.0rc7) works fine: ## Dovecot 1.0 configuration file base_dir = /var/lib/dovecot protocols = imap pop3 imaps log_path = /var/log/dovecot/error.log info_log_path = /var/log/dovecot/info.log first_valid_uid = 60000 last_valid_uid = 60000 first_valid_gid=15 last_valid_gid=15 default_mail_env = maildir:/var/spool/mail/%d/%u mailbox_check_interval = 60 maildir_copy_with_hardlinks = yes mbox_locks = fcntl umask = 0077 auth default { mechanisms = plain digest-md5 user = dovecot passdb pgsql { /etc/dovecot/dovecot-pgsql.conf } userdb pgsq...

...127.0.0.1 ssl_listen: * ssl_ca_file: ... ssl_cert_file: ... ssl_key_file: ... ssl_cipher_list: ALL:!LOW:!SSLv2 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login valid_chroot_dirs: /home/vmail/domains first_valid_uid: 1001 last_valid_uid: 1001 first_valid_gid: 1001 last_valid_gid: 1001 mail_location: maildir:/home/vmail/domains/%d/%n auth default: user: dovecot-auth passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf plugin: quota: maildir:ignore=Trash When a mail arrives maildrop deliv...

...replicated, but status changes don't. Thanks. -Tim Config on source: # 2.2.15: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.7 amd64 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes dsync_remote_cmd = /usr/bin/ssh imap.netsend.nl first_valid_gid = 30000 first_valid_uid = 30000 last_valid_gid = 30100 last_valid_uid = 30100 mail_debug = yes mail_home = /srv/vmail/%d/%n mail_location = maildir:~/Maildir mail_plugins = " notify replication" passdb { args = /passwd driver = passwd-file } passdb { args = /passwd_smtponly driver = passwd-file } plugin { mail_replica =...

@2.0's master.conf, there's, e.g., service config { type= config executable =config unix_listener { path = config mode = 0666 } } can someone please explain function/usage for the 'type', 'executable' & 'path' fields? and, for any file paths, are the presumed to be _relative_ to the dovecot executable? in $PATH? can they accept full/absolute

...ecified -u <user> and attempts to sync the first email in the default domain. Please advise. # 2.1.1: /etc/dovecot/dovecot/dovecot.conf # OS: Linux 2.6.38-b i686 Slackware 13.0.0.0.0 auth_debug = yes auth_debug_passwords = yes auth_default_realm = a first_valid_gid = 89 first_valid_uid = 89 last_valid_gid = 89 last_valid_uid = 89 listen = * log_path = /dev/stderr login_greeting = A login_trusted_networks = 192.168.20.64/26 mail_debug = yes mail_gid = vchkpw mail_location = maildir:~/Maildir mail_privileged_group = vchkpw mail_uid = vpopmail passdb { driver = vpopmail } protocols = imap pop3 servic...

...y_file: /etc/ssl/key/server.key login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login login_processes_count: 64 login_max_processes_count: 2048 valid_chroot_dirs: /home/vmail/domains max_mail_processes: 4096 first_valid_uid: 102 last_valid_uid: 102 first_valid_gid: 102 last_valid_gid: 102 mail_uid: vmail mail_gid: vmail mail_location: maildir:/home/vmail/domains/%d/%n lda: postmaster_address: postmaster at server.com auth_socket_path: /var/run/dovecot-auth-master global_script_path: /home/vmail/domains/server.com/sieve mail_plugins: cmusieve auth default_with_listener:...

...maps_listen = * pop3s_listen = * ssl_cert_file = /etc/ssl/mydomain.tld/Cert.pem ssl_key_file = /etc/ssl/mydomain.tld/PrivateKey.pem disable_plaintext_auth = yes login = imap login_user = dovecot login = pop3 verbose_proctitle = yes first_valid_uid = 5000 last_valid_uid = 5000 first_valid_gid = 5000 last_valid_gid = 5000 mail_extra_groups = mail valid_chroot_dirs = /var/mail/virtualmail default_mail_env = maildir:/var/mail/virtualmail/%n/Maildir auth = default auth_mechanisms = plain auth_userdb = ldap /etc/dovecot-ldap.conf auth_passdb = ldap /etc/dovecot-ldap.conf auth_user = dovecot auth_verbose = yes aut...

...a): /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.0 ext4 auth_debug = yes auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_verbose = yes disable_plaintext_auth = no first_valid_gid = 5000 first_valid_uid = 5000 hostname = holimail.holinice.com last_valid_gid = 5000 last_valid_uid = 5000 listen = * mail_debug = yes mail_gid = vmail mail_location = maildir:/var/vmail/%d/%n/Maildir mail_privileged_group = mail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddr...

...map imaps pop3 pop3s disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login first_valid_uid: 51 last_valid_uid: 51 first_valid_gid: 51 last_valid_gid: 51 mail_location: maildir:/var/mail/virtual/%d/%u mail_debug: yes mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3...

...or your time, Ondrej Bouda dovecot -n output follows: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.11-83.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) ext4 auth_mechanisms = plain login cram-md5 digest-md5 ntlm disable_plaintext_auth = no first_valid_gid = 502 first_valid_uid = 502 last_valid_gid = 502 last_valid_uid = 502 log_path = /var/log/dovecot login_greeting = Welcome mail_location = maildir:/var/mail/virtual/%d/%n passdb { args = scheme=plain username_format=%u /etc/dovecot/passwd driver = passwd-file } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/p...

...oveconf -n output follows: doveconf -n # 2.3.2.1 (0719df592): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.5.2 (7704de5e) # OS: FreeBSD 11.2-RELEASE-p4 amd64 # Hostname: juxi.0x58.com auth_mechanisms = plain login first_valid_gid = 127 first_valid_uid = 127 hostname = butler.0x58.com last_valid_gid = 127 last_valid_uid = 127 lmtp_save_to_detail_mailbox = yes login_greeting = Assume the position. mail_gid = 127 mail_home = /usr/local/vmail/domains/%d/%n mail_location = maildir:~/Maildir/ mail_plugins = " quota trash zlib virtual " mail_uid = 127 managesieve_notify_capability = mailto...