similar to: %{orig_user} missing in checkpassword-Script

Displaying 20 results from an estimated 500 matches similar to: "%{orig_user} missing in checkpassword-Script"

2014 May 03
1
%{orig_user} missing in checkpassword-Script
Dear dovecot maintainers: I'm using SSL client certificates together with a checkpassword scripts to authenticate our users. My problem is: In the checkpassword script the AUTH_USER environment variable will either contain the username that was configured in the mailclient (if auth_ssl_username_from_cert=false) or the username from the certificate (if auth_ssl_username_from_cert=true). I
2015 Sep 12
0
Need help on checkpassword userdb/passdb
Not to be grumpy, but I've posted a dozen or more message to this list in the past week about what I think might be relatively common/easy issues and have had zero response except from Rick Romero who is trying, but hasn't actually done what I need himself. I'm sure someone has. Perhaps these problem are too mundane compared to CalDAV, sieve filtering and IPA to excite List interest?
2001 Apr 20
0
Fudging domain support - samba 2.2.0
Hi; There is likely a supported way around this problem, but it wasn't immediately apparent to me. So, I created the enclosed patch to fix my problem. What I would like to do is the following: - run samba in "security = domain" - not use trusted domains, but allow people to connect from other domains - not maintain a local encrypted password file for samba, but instead use our
2014 Oct 03
2
Thunderbird ignores some folders
Dear readers we are using Dovecot 2.2.7 and all of our users are using Thunderbird as their mail client. Some of them additionally use their iPad/iPhone and a very few an Android Mail-Client. Now one user noticed that two of his mail folders disappeared. He first believed that he accidentally deleted those folders but then he realized that they are still visible from his iPad. I checked this
2015 Sep 11
2
Need help on checkpassword userdb/passdb
I'm experimenting with checkpassword as an auth method for usedb and passdb (http://wiki2.dovecot.org/AuthDatabase/CheckPassword). I've set up the userdb and passdb *exactly* as the wiki suggests as the "standard way": passdb { driver = checkpassword args = /user/util/bin/checkpassword } userdb { driver = prefetch } I've created a checkpassword program that does
2016 Jun 16
2
Recipient delimiter and lmtp proxying
Hi, I'm attempting to proxy lmtp using director to hash to the same backend as pop3/imap. My pop3/imap users are of the form: username and my lmtp users are of the form: <username at domain> Where domain is fairly redundant but does carry some useful information. Now, I can proxy lmtp using user=%{username} and destuser=%{orig_user}, and this all appears to work correctly.
2013 Apr 07
1
checkpassword protocol
Hi, I'm writing a checkpassword script in order to support our OTP token as a fallback for client certificate authentication. Here are two questions: 1) It seems to me that the username and the password will be delivered to my script both on file descriptor 3 and via the environment variables AUTH_USER and AUTH_PASSWORD. May I ignore file descriptor 3 and use the environment variables or may
2018 Mar 26
1
destuser setting useless on LMTP proxy
I tried setting the "destuser" setting on the LMTP director as follows, to preserve the original envelope rcpt: protocol lmtp { auth_socket_path = director-userdb passdb { driver = ... override_fields = destuser=%{orig_user} } } The passdb driver would return the appropriate "user" for each alias. Suppose, for example, user1 has emails user1 at domain.tld,
2013 Sep 25
2
v2.2.6 released
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though. * acl: If public/shared
2013 Sep 25
2
v2.2.6 released
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though. * acl: If public/shared
2019 Feb 05
0
CVE-2019-3814: Suitable client certificate can be used to login as other user
Dear subscribers, we're sharing our latest advisory with you and would like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs (open-xchange, dovecot, powerdns) at HackerOne. Please find patches for v2.2.36 and v2.3.4 attached, or download new version from https://dovecot.org Yours sincerely, Aki Tuomi Open-Xchange Oy
2014 May 01
0
Problems with login_log_format (possible bug?)
login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> These are the defaults, at least on a Fedora system. According to http://wiki2.dovecot.org/Variables, this should record for user at REALM when seeing the following Apr 30 18:08:40 TeaSet dovecot: auth: Debug: auth(user,...,<JhKid0v4bAAKAQG6>): username
2019 May 16
1
Mutual auth and MS Outlook
I am trying to get Dovecot IMAP and Outlook to talk to each other with SSL and client certificates enabled. In Dovecot, I have the following options enabled: ssl_ca = ... ssl_verify_client_cert = yes auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes when I try to connect with Outlook, I get: May 12 08:07:50 mail dovecot: imap-login: Disconnected (client didn't
2014 May 05
2
Broken IMAPS Connects Create Lingering imap-login Processes
Hello everyone, we are running a central server (CentOS 6.5, dovecot-2.0.9-7.el6 with a small patch to disable the IMAP CREATE command, and openssl-1.0.1e-16.el6_5.7) and distribute standard client software to customer( site)s. The clients do IMAPS connects in regular intervals (no IDLE, no lingering logins) and authenticate with certs issued by a dedicated PKI ("auth_ssl_username_from_cert
2019 Mar 31
1
Why is 'sent' folder missing in my MUA(email client)
hello, I'm successfully send and receive emails by postfix and dovecot, but folder name 'Sent' is gone, all sent emails are located in Drafts folder. Anything wrong? Guess it has something to do with mailbox and location. Here is `doveconf -n` ------------------ auth_cache_size = 1 M auth_debug_passwords = yes auth_mechanisms = plain login auth_ssl_username_from_cert =
2010 Dec 15
2
ssl enabled, but ssl_cert not set ( 2.0.7 freebsd 8.1 )
hello trying to install dovecot 2 on a fresh installed machine I get this error message : doveconf -n > dovecot-new.conf doveconf: Error: ssl enabled, but ssl_cert not set doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set the ssl config file look like the following : Thanks for any info. ## ## SSL settings ## # SSL/TLS
2010 Dec 15
1
Dovecot 2.0.8 don´t recognize auth user format
My configuration file have this lines: # doveconf | grep user auth_anonymous_username = anonymous auth_master_user_separator = auth_socket_path = auth-userdb auth_ssl_username_from_cert = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu <-----(in version 1.2.10 this work fine) auth_username_translation =
2014 Jun 23
0
Wishlist: add a variable %{x509} expanding to the client cert in Dovecot-auth
Hi there, As of Dovecot 2.2.9, it's possible to enable passwordless authentication using client certificates [1]: ssl_ca = </etc/ssl/ca.pem ssl_verify_client_cert = yes auth_ssl_username_from_cert = yes (Password checking can be bypassed by returning the extra fields ?password= nopassword? in the passdb when the variable ?%k? expands to "valid".) However this
2018 Feb 18
0
SASL LOGIN mechanism with nopassword
Hi list, I've noticed dovecot pop3 does not request the password with 'AUTH LOGIN' when nopassword is set. dovecot-2.2.18 auth_mechanisms = plain login ssl = required auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes passdb { ? driver = ldap ? args = /etc/dovecot/dovecot-ldap.conf.ext ? default_fields = nopassword=yes userdb_uid=vmail userdb_gid=vmail
2018 Feb 01
0
Why does dovecot reject password when authorizing by a certificate?
Try adding auth_debug_password=yes Aki On 01.02.2018 10:27, yuryb wrote: > We have FreeBSD-server with dovecot installed on it as IMAP-server. My > user and password database is a text file with plaintext passwords. > Clients connect to imap-server via TLS protocol and plaintext > password. All works fine. But I want to configure ability to authorize > with a client certificates.