Displaying 20 results from an estimated 262 matches for "nopassword".
2016 Nov 17
4
BUG: nopassword doesn't work with CRAM-MD5
On Thursday 17 of November 2016, Aki Tuomi wrote:
> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote:
> > Hello.
> >
> > dovecot 2.2.26.0
> >
> > When testing nopassword extra field
> > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
> > dovecot doesn't allow any password (while it should) and returns
> >
> > " Authentication failed"
> >
> > while in logs:
> >
> > Nov 17 08:22:34...
2016 Nov 17
2
BUG: nopassword doesn't work with CRAM-MD5
Hello.
dovecot 2.2.26.0
When testing nopassword extra field
(http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot
doesn't allow any password (while it should) and returns
" Authentication failed"
while in logs:
Nov 17 08:22:34 auth-worker(1551): Info:
sql(pepe,127.0.0.1,<Y8amDXpBptV/AAAB>): Reque...
2008 Dec 08
3
"nopassword" extra field useless with LDAP passdb
...L certificates only (not using passwords at all). Still, user information is stored in a LDAP directory. In this configuration LDAP is used to check whether the user is registered (and probably supply quota and other info), and actual authentication is done by SSL layer.
According to wiki, a "nopassword" extra field should be supplied, together with empty password. But there is no way to return an empty password from LDAP, as LDAP simply does not allow "empty attributes"; if an attribute is present, it is not empty. Supplying empty password as a static field (like this: pass_attrs =...
2016 Nov 17
0
BUG: nopassword doesn't work with CRAM-MD5
On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote:
> On Thursday 17 of November 2016, Aki Tuomi wrote:
>> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote:
>>> Hello.
>>>
>>> dovecot 2.2.26.0
>>>
>>> When testing nopassword extra field
>>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
>>> dovecot doesn't allow any password (while it should) and returns
>>>
>>> " Authentication failed"
>>>
>>> while in logs:
>>>
>>...
2016 Nov 17
0
BUG: nopassword doesn't work with CRAM-MD5
On 17.11.2016 10:30, Arkadiusz Mi?kiewicz wrote:
> On Thursday 17 of November 2016, Aki Tuomi wrote:
>> On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote:
>>> Hello.
>>>
>>> dovecot 2.2.26.0
>>>
>>> When testing nopassword extra field
>>> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5
>>> dovecot doesn't allow any password (while it should) and returns
>>>
>>> " Authentication failed"
>>>
>>> while in logs:
>>>
>>...
2019 Dec 27
2
Dovecot proxy: authentication best practices
Hi!
I have a few questions regarding Dovecot proxy:
1.
1.1 If I understand correctly, setting 'nopassword' in the proxy passdb file, authentication is completely up to the destination host. Setting 'nopassword' in no way means the proxy becomes an open relay. Is this correct?
1.2 Are there any security implications when using 'nopassword' on the proxy?
2.
2.1 I would like to avoid...
2016 Nov 17
0
BUG: nopassword doesn't work with CRAM-MD5
On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote:
> Hello.
>
> dovecot 2.2.26.0
>
> When testing nopassword extra field
> (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot
> doesn't allow any password (while it should) and returns
>
> " Authentication failed"
>
> while in logs:
>
> Nov 17 08:22:34 auth-worker(1551): Info:
> sql(pepe,...
2011 May 12
3
dovecot proxy with nopassword and postfix sasl
HI All
I have setup a dovecot proxy with remote auth, value nopassword in the passdb to make the auth remotely.
With pop3 and imap the authentication is made on the remote server and this work perfectly.
I have tested with wrong and correct password.
Then I have added the postfix sasl and this also works fine, the request is made to dovecot.
My problem is that with...
2018 Feb 18
0
SASL LOGIN mechanism with nopassword
Hi list,
I've noticed dovecot pop3 does not request the password with 'AUTH LOGIN' when nopassword is set.
dovecot-2.2.18
auth_mechanisms = plain login
ssl = required
auth_ssl_require_client_cert = yes
auth_ssl_username_from_cert = yes
passdb {
? driver = ldap
? args = /etc/dovecot/dovecot-ldap.conf.ext
? default_fields = nopassword=yes userdb_uid=vmail userdb_gid=vmail userdb_home=/var/sp...
2007 Mar 25
1
assertion failure with nopassword
Hm, so my mailing list archive is up, but when I add nopassword to the
list of settings in my passdb passwd-file I get:
file auth-request.c: line 924 (auth_request_set_field): assertion
failed: (request->passdb_password == NULL)
Raw backtrace: dovecot-auth [0x806be11] -> dovecot-auth [0x806bd8c] ->
dovecot-auth(auth_request_set_field+0x277) [0x80547d7...
2018 Nov 13
1
Proxy + 2x static passdb not working as expected
...a Dovecot proxy that authenticates the user against
two backend servers. If login server1 fails, server2 should be tried.
The problem: Only the first server seems to be tried, even if the login
fails.
Config snippet:
protocol imap {
passdb {
driver = static
args = proxy=y nopassword=y host=oldserver1.example.com port=993
ssl=y
}
passdb {
driver = static
args = proxy=y nopassword=y host=oldserver2.example.com port=993
ssl=y
}
}
With this config, only accounts on oldserver1.example.com can login. If
I reverse the two passdb entries, only acco...
2008 Aug 19
1
Authentication cache, failure to login after changed password
...ss2
- Approved
I'd really like to continue to use the auth cache, is there any solution
to the above? perhaps a way to debug the cache and auth process? I wasn't
able to activate auth_debug without restarting Dovecot and solving the
problem.
Using version 1.1.1, MySQL userdb, with "nopassword=Y".
Maybe it's due to nopassword?
Thanks
--
Tom
2013 May 22
1
problem with proxy setup
Hi all,
i have some troubles in the implementation of my proxyconfiguration.
i have two kind of users, the first will be proxied to a dovecot backend
with masteruser-login, the other one will be proxied to another
non-dovecot imapserver with nopassword.
Everything looks to work if i use passwd-file like this:
user1:{PLAIN}pass1:::::::proxy=y host=192.168.1.1
destuser=user1*masteruser pass=masterpass
user2::::::::nopassword proxy=y host=192.168.2.2
In an second step i try the same behavior with sql (postgresql), but
there are my problems.
In...
2020 Sep 28
1
custom userdb server, Exim, and proxying
...vecot for authentication. Dovecot, in turn, consults a custom internal server that answers Dovecot?s userdb queries.
When IMAP connections arrive, for some users we want to forward those connections--without authentication--to an external IMAP server. For these users, we return ?proxy_maybe? and ?nopassword? in the authn response from our userdb server. This tells Dovecot to proxy the connection to a new server without trying to authenticate.
Exim, though, doesn?t grok ?proxy_maybe?, so it just sees ?nopassword?. In response, it just skips SMTP authentication entirely.
We could address this if our...
2015 Jun 29
2
LDAP default value variable interpolation
I'm wondering if there is a way I can dynamically generate an LDAP default
value by using variables.
I have a configuration that works something like this on my front end proxy:
pass_attrs = mail=user,\
=nopassword=y,\
=proxy=y,\
=host=mail.%d
The above works perfectly well even though it seems a bit hack.
I want to fetch the host field from LDAP and default it to "mail.%d" if the
attribute isn't populated for the user.
I have tried the following :
pass_attrs = mail=user,\
=nopassword=...
2019 Jan 23
1
problem in setting up proxy
...yes
? location =
? mailbox Drafts {
??? special_use = \Drafts
? }
? mailbox Junk {
??? special_use = \Junk
? }
? mailbox Sent {
??? special_use = \Sent
? }
? mailbox "Sent Messages" {
??? special_use = \Sent
? }
? mailbox Trash {
??? special_use = \Trash
? }
? prefix =
}
passdb {
? args = nopassword=y proxy=y host=10.5.10.121
? driver = static
? name = static
}
plugin {
? sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap pop3
service auth {
? unix_listener auth-master {
??? mode = 0600
??? user = vmail
? }
}
ssl = no
verbose_proctitle = yes
verbose_ssl = yes
protocol imap {
? mai...
2017 Dec 14
4
auth_policy in a non-authenticating proxy chain
Hi,
I was looking into the new Authentication Policy feature:
https://wiki2.dovecot.org/Authentication/Policy
I had kinda hoped that I would be able to enfore this in a proxy running
in front of several backends. This proxy does not authenticate. It use
"nopassword".
But I realize that the "succes" reported in the final authpolicy req.
(command=report) is not what is actaully happening on the IMAP protocol
level, but rather the result of the passdb chain in the proxy.
(I should probably have predicted this, it's kinda reasonable).
Howeve...
2012 Apr 28
2
help with AES_DECRYPT and password lookup - mysql password_query
...ith dovecot + mysql. Im using 'Password verification by SQL server' at:
http://wiki2.dovecot.org/AuthDatabase/SQL
trying to modify it to work with my encrypted passwords in the DB.
Im using the following which isnt working:
password_query = SELECT NULL AS password, \
'Y' as nopassword, userid AS user \
FROM users WHERE userid='%u' AND AES_DECRYPT(password, 'mykey')=password
1. Is it even possible to do this via 'password_query'?
2. If so, what am I doing wrong?
Thanks,
Jeff
/mf/home/jeep/shell/.signature
2018 Mar 21
2
why is dovecot "Allowing any password"
Hi AKi,
Thanks for the quick answer!
On 03/21/2018 05:24 PM, Aki Tuomi wrote:
> This is what 'nopassword=y' does. I'm guessing this is an attempt to allow logging in from localhost without password, but I'd use master password (for applications or webmails), or
Yes, the config is taken from the SOGo configuration guide, which can be
seen here:
https://sogo.nu/files/docs/v2/SOGoNativeOutl...
2019 Jan 23
3
problem in setting up proxy
...yes
? location =
? mailbox Drafts {
??? special_use = \Drafts
? }
? mailbox Junk {
??? special_use = \Junk
? }
? mailbox Sent {
??? special_use = \Sent
? }
? mailbox "Sent Messages" {
??? special_use = \Sent
? }
? mailbox Trash {
??? special_use = \Trash
? }
? prefix =
}
passdb {
? args = nopassword=y
? default_fields = proxy=y host=10.5.10.121
? driver = static
? name = static
}
plugin {
? sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap pop3
service auth {
? unix_listener auth-master {
??? mode = 0600
??? user = vmail
? }
}
ssl = no
verbose_proctitle = yes
verbose_ssl = yes
pr...