similar to: proxy: can I use the password returned from passdb to log in to the back-end?

I tried setting the "destuser" setting on the LMTP director as follows, to preserve the original envelope rcpt: protocol lmtp { auth_socket_path = director-userdb passdb { driver = ... override_fields = destuser=%{orig_user} } } The passdb driver would return the appropriate "user" for each alias. Suppose, for example, user1 has emails user1 at domain.tld,

Hi All My first post to the list, so "hello world"! Having searched the list archives and the wiki for an answer to this, I don't think it is possible. However, let me ask nonetheless... Is it possible for a Dovecot proxy's login process (IMAP and POP3) to include the "destuser", i.e. the uid used to authenticate to the backend IMAP/POP3 server, in its logging?

Hi List, I have a dovecot which proxies to different backends depending on an entry in a mysql-database. The mysql-query sets ?ssl? to ?any-cert? and this works fine. But this causes me a problem: sieve-backends only support STARTTLS and if I set ?ssl? to ?any-cert? (or yes), it will attempt a TLS-connection to the sieve-backends, which fails. My attempt was to alter the query to include

Hi, I'm attempting to proxy lmtp using director to hash to the same backend as pop3/imap. My pop3/imap users are of the form: username and my lmtp users are of the form: <username at domain> Where domain is fairly redundant but does carry some useful information. Now, I can proxy lmtp using user=%{username} and destuser=%{orig_user}, and this all appears to work correctly.

Hi help is preciated, PROBLEM The dovecot-ldap.conf of "proxy server A" is working when the "host" attribute is the FQDN of other server: pass_attrs = uid=user,userPassword={SSHA}password,\ =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert pass_filter = (&(objectClass=posixAccount)(uid=%u)) CASES When the "host" attribute is the

Hi all, i have some troubles in the implementation of my proxyconfiguration. i have two kind of users, the first will be proxied to a dovecot backend with masteruser-login, the other one will be proxied to another non-dovecot imapserver with nopassword. Everything looks to work if i use passwd-file like this: user1:{PLAIN}pass1:::::::proxy=y host=192.168.1.1 destuser=user1*masteruser

Hello list, Still need your help configuring proxy infrastructure. Today, I really struggle configuring master passwords forwarding. What I want: master user can connect to any other account, on proxy. Could please somebody help me, I read both articles about this on wiki, but still can't connect :( What I did: on proxy: auth_master_user_separator=* passdb sql { args =

Hi, I've been trying to build a password forwarding proxy to Gmail without success... The SSL connection to Dovecot is happening no problem (as far as I can tell), but for some reason the conversation between Dovecot and Gmail is getting timed out. I know this is supposed to be simple... :-( But could somebody please give me some help by pointing what I'm not doing right? No matter

Hi For some application we need a master user on our IMAP servers. We use dovecot 1.1.7 in proxy mode, with proxy_maybe (some mailboxes are on the proxy itself, others are on remote servers, also running dovecot). But the proxy removes the '*master' suffix from the username when using the master user to log in on the proxy. So the base name of the user with the master password are

I tried some more things, such as setting starttls=NULL or ssl=NULL, which does the same as setting it to ?no?. Interestingly, if I set ssl=NULL and don?t set starttls at all, it still tries an SSL connection to the backend. Is there no way to use starttls or ssl depending on a variable? It could also be possible that I have starttls-backends and ssl-backends which would be a similar use-case to

I have successfully set up the master user on the destination server (2.0.11) and tests have worked. now I'm working on the proxy Before I had the proxy just forward everything to the backend and had the destination server do the authentication. My authentication is done via LDAP but not really sure how to append the master user and password to the users credentials after authentication is

Started implementing the MasterUser changes to my config files so I can finally offer SPA for pop3/imap. Things are working fine with the MasterUser (horray!), however one of my guys started using SPA with Outlook Express and started getting another users mailbox. Turns out to be related to NTLM. His Outlook express is configured for the username of 'johnsmith'. However, you'll see

Hi list, I set up dovecot as IMAP proxy using a master user to login into the backend and it works beautifully. ?? Next I set out to do LMTP proxying and I struggled (initially). I got the log message: Mar 17 11:23:44 mail postfix/lmtp[2665]: 99A3F219C8: to=<johnny at doe.com>, relay=10.15.1.2[10.15.1.2]:24, delay=5.1, delays=4.9/0.05/0.01/0.07, dsn=5.1.1, status=bounced (host

Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the user does include the domain name in the login. (IP's and

Hello, I understand the matter of using Dovecot as a forward proxy to Gmail is very popular (and even trivial), but my lack of Dovecot experience took me to at point where I truly need your help... I'm starting my task by trying to have something simple, where I can test connectivity to Gmail by sending a telnet to our Dovecot server. The Dovecot server accepts the telnet request, but for

Hello, I'm trying to use ACLs to restrict subscription on public mailboxes, but I went into trouble. My setup is made of two servers, and users are shared between them via a proxy. User authentication is done with LDAP, and credentials aren't shared between the mailservers. Instead, the proxies are using master password. The thing is that when the ACLs are checked, it actually doesn't

When using proxy_maybe CRAM-MD5 authentication fails when the connection is proxied. Is this expected behavior? Is proxy_maybe too simplified for this case? We're using SQL so I could rewrite the query with IFs to fake proxy_maybe and return the password as NULL and nologin as Y, but if it works that way couldn't it work with proxy_maybe? This works: password_query = \ SELECT NULL AS

I'm finally picking my dovecot project back up now, and after upgrading rc19 to rc27, I sent a test message to an existing account which resulted in log entries like these: Mar 16 08:45:37 node7 deliver(user at example.com): Corrupted transaction log file /var/indexes/example/com/u/us/user/.INBOX/dovecot.index.log: Append with UID 3, but next_uid = 15368 Mar 16 08:45:37 node7

Hello, I want to use Dovecot as a POP3 proxy (http://wiki.dovecot.org/HowTo/ImapProxy). All is working fine on my sample platform, except that I have plenty (several thousands) of users that login using local_part#domain, instead of local_part at domain, which is an old setting on my POP3 server. And in that case, Dovecot returns 'Authentication failed'. Here is my proxy table :

dovecot 2.3.13 Hi, I'm looking for a way to make director use a user at domain that is returned by the database for hashing but actually send the original user at domain in the proxied request. I cannot seem to find a way. I can change the name used for hashing by just returning a different user from the db. but that user is also the one that is send in the proxied request. this is