similar to: destuser setting useless on LMTP proxy

Hi, I'm attempting to proxy lmtp using director to hash to the same backend as pop3/imap. My pop3/imap users are of the form: username and my lmtp users are of the form: <username at domain> Where domain is fairly redundant but does carry some useful information. Now, I can proxy lmtp using user=%{username} and destuser=%{orig_user}, and this all appears to work correctly.

Hi All My first post to the list, so "hello world"! Having searched the list archives and the wiki for an answer to this, I don't think it is possible. However, let me ask nonetheless... Is it possible for a Dovecot proxy's login process (IMAP and POP3) to include the "destuser", i.e. the uid used to authenticate to the backend IMAP/POP3 server, in its logging?

Hi list, I set up dovecot as IMAP proxy using a master user to login into the backend and it works beautifully. ?? Next I set out to do LMTP proxying and I struggled (initially). I got the log message: Mar 17 11:23:44 mail postfix/lmtp[2665]: 99A3F219C8: to=<johnny at doe.com>, relay=10.15.1.2[10.15.1.2]:24, delay=5.1, delays=4.9/0.05/0.01/0.07, dsn=5.1.1, status=bounced (host

A warning to those considering to upgrade to Debian 10 (buster): we have seen occasional NFS hangs with dovecot when using the stock debian buster kernel (4.19.67-2+deb10u1). When we downgrade to the debian stretch kernel (4.9.189-3+deb9u1), the issue does not occur. Note that we *only* downgraded the kernel, the rest of the OS is still debian buster. Dovecot 2.3.8. A little more info: we have a

Hello list, Still need your help configuring proxy infrastructure. Today, I really struggle configuring master passwords forwarding. What I want: master user can connect to any other account, on proxy. Could please somebody help me, I read both articles about this on wiki, but still can't connect :( What I did: on proxy: auth_master_user_separator=* passdb sql { args =

Hi help is preciated, PROBLEM The dovecot-ldap.conf of "proxy server A" is working when the "host" attribute is the FQDN of other server: pass_attrs = uid=user,userPassword={SSHA}password,\ =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert pass_filter = (&(objectClass=posixAccount)(uid=%u)) CASES When the "host" attribute is the

Hi all, i have some troubles in the implementation of my proxyconfiguration. i have two kind of users, the first will be proxied to a dovecot backend with masteruser-login, the other one will be proxied to another non-dovecot imapserver with nopassword. Everything looks to work if i use passwd-file like this: user1:{PLAIN}pass1:::::::proxy=y host=192.168.1.1 destuser=user1*masteruser

Started implementing the MasterUser changes to my config files so I can finally offer SPA for pop3/imap. Things are working fine with the MasterUser (horray!), however one of my guys started using SPA with Outlook Express and started getting another users mailbox. Turns out to be related to NTLM. His Outlook express is configured for the username of 'johnsmith'. However, you'll see

Dear dovecot maintainers: I'm using SSL client certificates together with a checkpassword scripts to authenticate our users. My problem is: In the checkpassword script the AUTH_USER environment variable will either contain the username that was configured in the mailclient (if auth_ssl_username_from_cert=false) or the username from the certificate (if auth_ssl_username_from_cert=true). I

Hello, I'm using proxy_maybe and auth_default_realm. It seems that when a user logs in without the domain name, relying on auth_default_realm, and the "host" field points to the local server, I get the Proxying loops to itself error. It does work as expected - log on to the local server without proxying, if the user does include the domain name in the login. (IP's and

There's a bug in "folder delete" for lazy expunge, type "1 namespace", as descibed on https://wiki2.dovecot.org/Plugins/Lazyexpunge When trying to delete a mailbox that still has messages in it, but that has no EXPUNGED/<name> counterpart, the process hangs after the imap "DELETE" command, and the following appears in the log file after a 60s timeout: Jun

When using proxy_maybe CRAM-MD5 authentication fails when the connection is proxied. Is this expected behavior? Is proxy_maybe too simplified for this case? We're using SQL so I could rewrite the query with IFs to fake proxy_maybe and return the password as NULL and nologin as Y, but if it works that way couldn't it work with proxy_maybe? This works: password_query = \ SELECT NULL AS

Hi, I've been trying to build a password forwarding proxy to Gmail without success... The SSL connection to Dovecot is happening no problem (as far as I can tell), but for some reason the conversation between Dovecot and Gmail is getting timed out. I know this is supposed to be simple... :-( But could somebody please give me some help by pointing what I'm not doing right? No matter

Hi, I'm trying to migrate from maildir to mdbox while preserving the pop3 UIDL (and the imap UID). The problem is, for maildir we use (for compatiblity with qpopper): pop3_uidl_format = %f Problem is, as soon as I convert that to mdbox, then whenever a client issues the UIDL command via a POP connection, the connection is closed and this error is displayed in the log: Error: UIDL: File

I wanted to forward information from the director to the backend dovecot (original login name), so I had the userdb on the director return a forward_ologin variable. However, when I tried to use that variable in the "password_key" query on the backend dovecot, ${forward_ologin} was expanded to UNSUPPORTED_VARIABLE_forward_ologin. After testing a bit and looking around in the source a

We are using samba with a NT4.0 Primary Domain Controller as a samba password server. Logon validation on the primary domain controller works fine, the NT machine validates the user password. BUT: On the NT PDC the event log shows numerous entries saying: Unknown user or wrong password Did anybody experience this too ???? Rainer von Bongartz /D/I/L/ rainer.von-bongartz@dil.de

I have a problem with new version (1.9.18p8) of SAMBA and username mapping. Configuration: WindowsNT 4.0 Workstation + SP1 WindowsNT domain - NTEP01 is PDC Digital UNIX 3.2C Username on NT: Babor Username on UNIX: baborl In SMB.CONF I have following lines: [global] security = server password server = NTEP01 username map = /usr/local/samba/lib/username.map username.map: baborl = babor

Hi For some application we need a master user on our IMAP servers. We use dovecot 1.1.7 in proxy mode, with proxy_maybe (some mailboxes are on the proxy itself, others are on remote servers, also running dovecot). But the proxy removes the '*master' suffix from the username when using the master user to log in on the proxy. So the base name of the user with the master password are

I am hoping to support encrypted passwords, which I know is generally not allowed in a proxy setup. However, I can return the password in clear-text out of the password database, so I was hoping for something similar to the destuser field. I have successfully used the master password functionality to support encrypted passwords (users impersonating themselves), as long as the back-end server

(I'm not subscribed to the list, please Cc me on replies). We have configured sshd to listen on port 80 for some of our users who are behind sufficiently paranoid firewalls. However, others are now confused since they're expecting a web server on port 80. So, I created a small patch (just as proof-of-concept so far), that determines the type of client connecting. A web client will start