similar to: dovecot on os x

Dear all, I've been looking into hacking with some PAM modules, and thought I could learn from the OpenSSH source (it's probably the closest thing to a canonical cross-platform consumer of the API). One thing I've noticed I don't understand though is how OpenSSH's invocation of do_pam_session/setcred can work (in main of the process forked in sshd.c). Ignoring privsep for the

Works great with all the beta versions. I installed RC1 and get massive authentication failures. auth_debug_passwords = yes auth_master_user_separator=* auth default_with_listener { mechanisms = plain passdb passwd-file { # Master users that can log in as anyone args = /etc/dovecot.masterusers master = yes #pass =yes } passdb passwd-file { # Path for passwd-file

I'm seeing strings of failed POP3 login attempts with obvious bogus usernames coming from different IP addresses. Today's originated from 216.31.146.19 (which resolves to neovisionlabs.com). This looks like a botnet attack. I got a similar probe a couple days ago. Is anyone else seeing these? The attack involves trying about 20 different names, about 3-4 seconds apart. Here's a

Hi Everyone, I made some small changes in my dovecot setup to switch it from looking up users and passwords from a mix of ldap (i.e. freeipa) and password files. One of the changes was to switch from using one id for all authentication to using individual ids) It's working fine with Evolution. I have one account authenticating with GSSAPI, which is my userid for logging into my desktop and

>Using OpenSSH 3.1p1 on a Sun Solaris 7 box, I disabled an account using the >'passwd -l ...' command to lock the users password. However, the user can >still access the system via ssh. Whilst I could do other things such as >moving their .ssh directory, removing their account home directory, etc, >etc, is there some 'nicer' way to inform ssh that the account is now

Hello, I am trying to get dovecot to use virtual users and authenticate using PAM+kerberos against Active Directory and I am running into some problems. I followed the tutorials from the wiki page from: http://www.linuxmail.info/active-directory-dovecot-pam-authentication/ And here is what I get from the /var/log/mail log: Nov 26 15:12:27 housigma20 dovecot: auth(default): client in:

Should pam_setcred() be called if pam_authenticate() wasn't called? I would say not; both of these functions are in the authenticate part of pam. It seems the the 'auth' part of pam config controls which modules get called, so if you didn't to _authenticate() you shouldn't do _setcred(). thx /fc

I've just upgraded to 1.0a3 via a freebsd port, and I've begun to notice odd behaviour from Dovecot. After converting my config file settings over to the new format, everything runs fine for an hour or so, then dovecot stops responding: oot at toejamfootball# telnet localhost 143 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost.

Hi all, I'm setting a mailserver using dovecot version: 2.1.7. On the server I have a couple of system users using PAM authentication and a lot of virtual users using SQL authentication. When a virtual user (e.g. david at virtdomain.de) logs in dovecot tries to authenticate the user via PAM and after failing it uses SQL: Mar 19 11:39:42 orange dovecot: auth-worker(7815): pam(david at

Hi, I keep having errors when I try to authenticate to my imap acount, and I can't get my email like this. Here are the logs when i try to authenticate using PLAIN or CRAM-MD5 : PLAIN Dec 24 22:06:25 domain dovecot: auth(default2): client in: AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Ilip=1.2.3.4^Irip=1.2.3.4^Iresp=<hidden> Dec 24 22:06:27 domain dovecot: auth(default2): pam(email at

The auth-pam.c of sshd server contains a small flaw that allows empty password logins even if "PermitEmptyPasswords" option in the sshd config file is set to "no". The scenario is as follows: Using ssh the user tries to logon to the machine using an account that has empty password. If the user presses enter on the password prompt (NULL password) access is

Hi, I've set up a postfix +dovecot configuration on my debian jessie. But I have a connection issue. When I try to connect from thunderbird it doesn not work. When I check out my debug logs I get : auth-worker(22252): Info: pam(myuser,hostIP): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: correctPassword) Running doveadm auth test tells me I can

Hi, im using 0.99 stable in RPM form, Im using this for postfix+dovecot+real unix users, now i tried to enable virtual support with this: protocols = imap pop3 ssl_disable = yes log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot.info login_user = dovecot mail_extra_groups = mail auth = default auth_mechanisms = plain auth_passdb = pam auth_userdb = passwd auth_userdb =

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is there any way to disable logging of failures during pam_authenticate? I ask because OpenSSH is currently generating an extra "authentication failure..." message at each login. The problem is that OpenSSH likes to try a blank password attempting any other authentication. This is a shortcut for anonymous SSH servers (e.g. OpenBSD's

I've just installed Dovecot and am running into a bit of a problem with it. I'm using virtual email accounts and everything seems to be working up to a certain point. Let me break down how the server is setup. Each domain belongs under the directory /mail so it's path is basically: /mail/domain.tld. Within each domain directory there are two sub-directories etc and mail. Under

Hi, I have a login issue. I do everything I can think of, but can't login. My .conf file is at http://kabuto.kunduz.org/dovecot.conf and I make slight changes everytime I try a new thing. I last set disable_plaintext_auth to yes and when I try to login using Thunderbird, I get *Code:* Sending of username did not succeed. Mail server mail.somedomain.org responded: Plaintext

On 07 Apr 2016, at 19:02, Mobile Phone <cell at eceb.co.uk> wrote: > > pam(prtg.08dir,91.91.91.91): pam_authenticate() failed: Authentication > failure (password mismatch?) (given password: YesThisWasTheCorrectPassword) .. > Why it this bouncing 25% + of IMAP AUTH LOGINs? PAM said that login wasn't allowed. PAM can have all kinds of plugins that can do all kinds of things.

>Neither the Sun PAM documentation nor the Linux-PAM documentation >describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail. I would agree it is vague, but then that is also a problem with the XSSO document (http://www.opengroup.org/onlinepubs/008329799/) >Could we please have a clarification on the semantics of >PAM_CRED_ESTABLISH vs. the semantics of

Hi , I have a problem with Authentication.I don't no, where is the problem,Can anyone help me undestand this problem. Thanks in Advance here is some files: The configuration file dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login

Hello All, Im using OpenSSH-3.9p1 configured for PAM,krb etc.. When I use Key based auth methods such as Public key,gssapi etc, this skips the pam_authenticate() call and directly calls pam_acct_mgmt(). This results in a failed attempt with few of my own PAM modules. Is there any way to implement this facility to be controlled by a directive in sshd_config. I mean PAM calls should not be