Displaying 20 results from an estimated 8000 matches similar to: "why is dovecot "Allowing any password""
2018 Mar 21
2
why is dovecot "Allowing any password"
Hi AKi,
Thanks for the quick answer!
On 03/21/2018 05:24 PM, Aki Tuomi wrote:
> This is what 'nopassword=y' does. I'm guessing this is an attempt to allow logging in from localhost without password, but I'd use master password (for applications or webmails), or
Yes, the config is taken from the SOGo configuration guide, which can be
seen here:
2018 Mar 21
0
why is dovecot "Allowing any password"
> On 21 March 2018 at 18:12 mj <lists at merit.unu.edu> wrote:
>
>
> Hi,
>
> I noticed the following in the logs of our debian wheezy server:
>
> > Mar 21 07:13:47 mail dovecot: auth: Debug: ldap(username,1.2.3.4,<g2/rF+ZnjAAu5ceg>): bind search: base=CN=Users, DC=samba, DC=company, DC=com filter=(&(objectclass=person)(sAMA
> >
2018 Mar 21
2
why is dovecot "Allowing any password"
Hi Aki,
On 03/21/2018 05:43 PM, Aki Tuomi wrote:
> Mar 21 07:13:48 mail dovecot: auth: static(username,1.2.3.4,<g2/rF+ZnjAAu5ceg>): allow_nets check failed: IP not in allowed networks
>
> this indicates that the request is marked failed.
So, what you are saying is: the logline "Allowing any password" is
'wrong'? Access was actually DENIED, even though it says
2018 Mar 21
0
why is dovecot "Allowing any password"
> On 21 March 2018 at 18:31 mj <lists at merit.unu.edu> wrote:
>
>
> Hi AKi,
>
> Thanks for the quick answer!
>
> On 03/21/2018 05:24 PM, Aki Tuomi wrote:
> > This is what 'nopassword=y' does. I'm guessing this is an attempt to allow logging in from localhost without password, but I'd use master password (for applications or webmails), or
2018 Mar 21
0
why is dovecot "Allowing any password"
> On 21 March 2018 at 18:58 mj <lists at merit.unu.edu> wrote:
>
>
> Hi Aki,
>
> On 03/21/2018 05:43 PM, Aki Tuomi wrote:
> > Mar 21 07:13:48 mail dovecot: auth: static(username,1.2.3.4,<g2/rF+ZnjAAu5ceg>): allow_nets check failed: IP not in allowed networks
> >
> > this indicates that the request is marked failed.
>
> So, what you are
2014 Nov 28
2
how to start a replication master-master correctly
Hi all, I currently have one dovecot 2.2.15 working and I would like to add
a second master server. If I configure the second server and enable the
dsync in both servers, the sync will copy everything from A to B ? I mean,
B server won't remove messages in A as it doesn't have anything in its
users mailbox?
The second master server will be a cold server just for contingency.
Thanks
2017 Jul 12
3
Master auth only
> On July 11, 2017 at 11:50 AM azurit at pobox.sk wrote:
>
>
>
> Cit?t azurit at pobox.sk:
>
> > Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>:
> >
> >>> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote:
> >>>
> >>>
> >>>
> >>> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>:
> >>>
>
2008 Oct 28
3
allow_nets overridden by cache
Hi,
I've just started trying allow_nets on one of my servers. I have
auth_debug and auth_verbose both enabled and the output is as follows:
Oct 28 13:05:48 mink dovecot: auth-worker(default):
auth(user at domain.net,x.x.x.x): allow_nets: Matching for network
127.0.0.1/8
Oct 28 13:05:48 mink dovecot: auth-worker(default):
auth(user at domain.net,x.x.x.x): allow_nets: Matching for network
2019 Apr 30
8
Feature request: exclude IP/network in allow_nets extra field
Dear all,
We use `allow_nets`[1] to restrict login clients, it works fine.
Recently we need to allow some users to login from everywhere except some IP/networks, how can we accomplish this with "allow_nets"?
Tried allow_nets="!a.b.c.d", but Dovecot reports error "allow_nets: Invalid network '!a.b.c.d'".
Can we have this feature?
i guess it should be done
2006 Oct 17
2
allow_nets and mysql question
Hi.
I want to use allow_nets in my configuration, but i have some troubles
which i cant resolve.
To use allow_nets i creates `allow_nets` text field in my mysql users
table. My query is:
from: dovecot/sql.conf:
password_query = SELECT crypt as password, maildir as userdb_mail, 6 AS
userdb_uid,6 AS userdb_gid, allow_nets FROM users WHERE id = '%u'
from dovecot.conf:
auth default {
2007 Jan 12
1
dovecot Digest, Vol 45, Issue 18
>
> I use postfx 2.3.5 + dovecot (pop3/imap/lda/auth daemon for postfix) rc15.
>
> root at post /etc/postfix# grep dovecot main.cf
> smtpd_sasl_type = dovecot
> virtual_transport = dovecot
> dovecot_destination_recipient_limit = 1
>
> root at post /etc/dovecot# grep password_query dovecot-sql.conf
> password_query = SELECT mail as user, cryptp as password,
>
2015 Dec 22
2
allow_nets=local in passdb gets "auth: Panic"
Hi,
I have the following configuration in my dovecot.conf for Dovecot 2.2.21:
passdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
default_fields = allow_nets=local,127.0.0.1,10.255.1.0/24
}
This triggers "auth: Panic" on POP3/IMAP logins as the below:
Dec 22 14:57:39 localhost dovecot: auth: ldap(u0000,::1,<oiF8SHYngqsAAAAAAAAAAAAAAAAAAAAB>): allow_nets:
2009 Feb 28
1
allow_nets
Hello,
Im using Ubuntu 8.10 with Dovecot 1.0.10.
I am using passwd files, not a MySQL database.
I have 2 files, a "users" file, and a "passwd" file.
I have added:
allow_nets=10.1.10.1 to the end of a specific users entry in the users file.
When that user tries to login, I get the following in the logs:
dovecot: 2009-02-28 09:06:59 Error: IMAP(bob at mydomain.com):
2008 Mar 31
2
Allow_nets + MySQL failing when using range notation
Hello all,
I am testing my dovecot installation in order to restrict access via
POP3 for IPs outside my network. I have read and understood the
instructions in the wiki and I have reached a configuration that works
ONLY when single IPs are listed in allow_nets but not when ranges in the
notation x.x.x.x/y are listed. Some examples should be more explanatory.
I am using 1.0.rc15 patched as
2009 Apr 10
1
allow_nets and deliver + userdb lookup
Hello!
I'm trying to restrict imap logins to our internal network for several
users, but this breaks dovecot delivery too
Even if i set allow_nets to NULL or 0.0.0.0/0 deliver exits with "Error:
Auth lookup returned failure"
i'm running it as 'command = /usr/lib/dovecot/deliver -e -d
"$local_part@$domain" -s' in exim.conf
i guess delivery lookups should
2008 May 14
2
mysql index control allow nets
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hi,
I am using dovecot 1.0.13 with sieve plugin, index, control and allow
nets in my userdb per user.
I am trying to have the same configuration with dovecot 1.1 and MySQL.
According to log files when a virtual user is connecting to dovecot,
the dovecot reads from MySQL the correct values but dovecot doesnt
create the dirs for INDEX, CONTROL and the
2019 Apr 30
3
Feature request: exclude IP/network in allow_nets extra field
> On Apr 30, 2019, at 11:21 AM, @lbutlr via dovecot <dovecot at dovecot.org> wrote:
>
> On 29 Apr 2019, at 19:56, Zhang Huangbin via dovecot <dovecot at dovecot.org> wrote:
>> Recently we need to allow some users to login from everywhere except some IP/networks,
>
> Can you use firewall rules for this?
I suppose not. We don't restrict ALL users this way,
2010 Feb 15
2
Problem with allow_nets passdb parameter and Postfix
I use Dovecot for SASL authentication from Postfix. In Postfix main.cf I
have:
smtpd_sasl_type = dovecot
It works good, but now I need to allow users to connect by IMAP only from
given IP adresses. I've added extra field allow_nets to passdb in Dovecot,
and IMAP authentication works fine. But now I can't connect to my SMTP
server because when smtpd ask dovecot about user
2014 Jan 25
1
allow_nets + default + ldap
Hello,
I'm playing with allow_nets function. It is really cool!
In a filebased passwd backend you simply add "allow_nets=192.0.2.143/32"
as mentioned in http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets
But if I use an LDAP backend it looks different.
Following http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds and
2017 Jul 13
1
Master auth only
> On 12 Jul 2017, at 15.46, Rick Romero <rick at havokmon.com> wrote:
> This is awesome, as I was just contemplating how to maintain persistence with 2FA.
> Is it possible to use a passdb based on remote ip? There's a username_filter, but I want to use a master password for webmail (which will use 2FA via Radius), and those IPs are known and non-routable.
passdb {
driver =