similar to: Unable to Kerberos/GSSAPI an existing user on new workstation

My last message probably contained too much information. This one is more succient. I have a user, 'mark', who has been running a Thunderbird client on Windows to Dovecot server with Kerberos/GSSAPI authentication for over a year. I created a new Tbird account on a new Linux workstation for 'mark', also with Kerberos/GSSAPI and that worked just fine. I have another user,

I've been running with Dovecot 2.2.15 on my mail server and Thunderbird on workstations with Kerberos/GSSAPI authentication. This has been working for over a year for 10 users. The other day, I replaced a user's workstation and set up this user with a Thunderbird client. Unfortunately, I got the error: "The Kerberos/GSSAPI ticket was not accepted by the IMAP server ... please

mark at ohprs.org > My last message probably contained too much information. This one is more succient. "Succint" may not be the right adjective, because I think this is the third copy I've seen. > Here is the dovecot log when user dsmith attempts to connect to dovecot > from the Tbird client: What I see is ... > Jul 11 19:29:46 imap-login: Info: Disconnected (no

hi, check your /etc/openldap/ldap.conf for REFERRALS off I had this errors with "referrals on" in misconfigured dns environments. you can debug the dns packets by strace-ing the auth process On Tue, 8 Sep 2015 11:00:37 +0200 Fran <cumc-4361-2 at chguadalquivir.es> wrote: > Hello, > > my dovecot installation has been working fine against AD till we >

Can you On 12.12.2016 13:00, Mart Pirita wrote: > Hello. > > > Few days ago upgraded from v2.2.26.0 >v2.2.27 and now windows 10, with > any outlook version (2007,2010,2013,2016) doesn't connect IMAP SSL: > > > Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: elliptic curve > secp384r1 will be used for ECDH and ECDHE key exchanges > Dec 12 12:29:35

Hello. Few days ago upgraded from v2.2.26.0 >v2.2.27 and now windows 10, with any outlook version (2007,2010,2013,2016) doesn't connect IMAP SSL: Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key

Hi Matthias, thank you very much! that fixed the problem. I had workaround the problem by using "base = ou=xxxx, dc=dom", instead of "base = dc=dom" in the dovecot-ldap.conf.ext file, because that also worked (I don't know why, but the problem happen if you use as base just the domain, but not if you add a second level). But that forced to me to use several userdb/passdb

Hi! I am trying to make Windows 8 using Live 2012 and Outlook 2010 login in Dovecot POP3s. However, I receive this message in log: Feb 28 07:32:05 ipanema dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=10.0.0.10, lip=10.0.0.1, TLS handshaking: Disconnected, session=<joP78nTz9ACsFQAF> Note that user is sent as blank and this is the only log line. I used

Fran and/or Matthias, Could you publish your doveconf -n? I can't get dovecot to authenticate with my AD. Maybe you have a solution I could try. What mail client(s) are you using? I assume by "AD 2003/8" You mean SBS2003/8 and are therefore using Outlook? --Mark -----Original Message----- > Date: Wed, 9 Sep 2015 17:22:34 +0200 > From: Matthias Lay <matthias.lay at

> On Jun 28, 2016, at 10:32 PM, Mark Foley <mfoley at ohprs.org> wrote: > > Aki - partial success! I rebuilt my dovecot with ./config --with-gssapi, and restarted. Now I > don't get that "Unknown authentication mechanism 'gssapi'" message in maillog, and mail is > delivered successfully to the other domain users having PLAIN authentication. That's a

Hi all, I think I've found a small bug in how Dovecot logs SSL/TLS info. Basically, if I connect to the server using TLS, the logs have a lot of entries saying I used SSLv3 (which is not allowed). Here's my system info: OSX Yosemite (x86_64, HFS+) Dovecot 2.2.15 (via Homebrew) OpenSSL 0.9.8zd The configuration (see below) disallows SSLv3, and if I try and connect with OpenSSL to test

The last log line shows "user=<>". This indicates no credentials were presented. If the rip field matches the client ip you tested from, I would bet the appropriate kerberos ticket (imap/host.domain.tld at REALM) was not pulled for the authentication. On Jun 28, 2016 11:33 PM, "Mark Foley" <mfoley at ohprs.org> wrote: > Aki - partial success! I rebuilt my

Hello I am using dovecot 2.2.10 on CentOS 7 Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios Please find debug log mail dovecot[24287]: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [X.X.X.X] mail dovecot[24287]: imap-login: Debug: SSL: where=0x2001, ret=1:

Hello, my dovecot installation has been working fine against AD till we upgrade from AD 2003 to AD 2008. As http://wiki2.dovecot.org/AuthDatabase/LDAP said, now I'm not able to connect AD through 389 port. The port 3268 works fine though. (...) Sep 7 19:02:05 <dovecotServer> dovecot: imap-login: Error: master(imap): Auth request timed out (received 0/12 bytes) Sep 7 19:02:05

Hi, I enabled rawlog. Everything seems to be OK but the dovecot-log shows a fatal error and core dump. (created a core file) Arvid Rawlog in <<< STAT >>> <<< LIST >>> <<< UIDL 1 >>> <<< UIDL >>> <<< QUIT >>> Rawlog out <<< +OK Logged in. >>> <<< +OK 22 17589388

Hi all, after upgrade from some 2.0 version to 2.2.19 (debian) i face map login problems: # doveconf -n # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot-debug.log hostname = test.my.domain.de

> On 4 Sep 2019, at 21:35, Jean-Daniel <jddupas at xooloo.com> wrote: > > Just a wild guess as I didn?t try to configure Mail on Catalina yet, but it looks like your server only supports ?DHE-RSA?? ciphers. > I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it. > Well I got the OpenSSL parts working now, but newer

I would expect the public cert to be imported as a "server" not an "auth" The attached image shows that TBird wants an httpS url for a webserver, for the source. Ages ago, I think it prompted for "do you want to trust this new cert" and YES added it (assuming that is the public key) to the server list.? A bit confused by this. <see attached thunderbird

doveconf -n output: # 2.3.2.1 (0719df592): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.2 () # OS: Linux 4.18.0-12-generic x86_64 Ubuntu 18.10 # Hostname: mail.example.org auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes director_mail_servers = XX.XX.XX.XX hostname = mail.example.org log_path = /var/log/dovecot.log login_trusted_networks =

Hi, Below, you have only the submission-login debug log (authentication). I'm more interested in what happens after that. You'll need to enable mail_debug=yes (at least for the user involved) to get that. Regards, Stephan. Op 18/12/2018 om 17:17 schreef Ruud Voorjans: > Postfix debug peer logging > > Dec 18 17:08:11 mail postfix/submission/smtpd[10626]: > >