similar to: Proxy testing in container( chown failed /var/dovecot/login)

I added this to the 10-master imap-login, pop3-login and submission-login, but keep this message Doveconf still lists imap-urlauth-login with chroot = token-login, also when changing this one to chroot = the error persists. Fatal: fchown() failed for /var/dovecot/login: Operation not permitted -----Original Message----- Subject: Re: Proxy testing in container( chown failed

You should probably disable chrooting for login services if you are running as non-root... service imap-login { ?chroot = } Aki On 11.11.2019 14.59, Marc Roos via dovecot wrote: > I am testing a bit with the proxy, and trying to run dovecot as a normal > user. (with cap bind_service). I was wondering what the minimum > configuration is for running like a proxy. > > I am now

Hi I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot. Is

Hi! I have a few questions regarding Dovecot proxy: 1. 1.1 If I understand correctly, setting 'nopassword' in the proxy passdb file, authentication is completely up to the destination host. Setting 'nopassword' in no way means the proxy becomes an open relay. Is this correct? 1.2 Are there any security implications when using 'nopassword' on the proxy? 2. 2.1 I would

My query? Is dovecot not getting this field automatically? -----Original Message----- Subject: Re: Dovecot proxy with ldap, complains about 'host not given' On 23 Nov 2019, at 16:11, Marc Roos <M.Roos at f1-outsourcing.eu> wrote: > It looks like the dovecot proxy can authenticate correctly but fails > then on with this message > > Nov 23 23:33:33 test2 dovecot:

Hi all, i have some troubles in the implementation of my proxyconfiguration. i have two kind of users, the first will be proxied to a dovecot backend with masteruser-login, the other one will be proxied to another non-dovecot imapserver with nopassword. Everything looks to work if i use passwd-file like this: user1:{PLAIN}pass1:::::::proxy=y host=192.168.1.1 destuser=user1*masteruser

Can we remove/change this in the source? So we do not have to add the CAP_CHOWN with containers. chown(/var/dovecot/login/ipc-proxy) When run as root this has user dovenull, maybe this can be resolved by using a group dovenull? bash-5.0# ls -arlt total 4 srw-rw-rw- 1 root root 0 Nov 21 22:27 pop3 srw-rw-rw- 1 root root 0 Nov 21 22:27 login srw-------

Hi, I was looking into the new Authentication Policy feature: https://wiki2.dovecot.org/Authentication/Policy I had kinda hoped that I would be able to enfore this in a proxy running in front of several backends. This proxy does not authenticate. It use "nopassword". But I realize that the "succes" reported in the final authpolicy req. (command=report) is not what is

Hi all, I'm trying to setup a Dovecot proxy that authenticates the user against two backend servers. If login server1 fails, server2 should be tried. The problem: Only the first server seems to be tried, even if the login fails. Config snippet: protocol imap { passdb { driver = static args = proxy=y nopassword=y host=oldserver1.example.com port=993 ssl=y }

Hello, Thanks for the advice, I have made that change now but the server is still doing the same fail with no logs thing it was before. # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-8-amd64 x86_64 Debian 9.6 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no login_greeting = Welcome to easyMail.

I added this: passdb { driver = passwd skip = authenticated } Which enables indeed local delivery, I also noticed this. Maybe the password field check shoud not be done, when you enable skip authentication? Dec 16 10:26:37 svr1 dovecot: auth-worker(12046): Debug: passwd(test): lookup Dec 16 10:26:37 svr1 dovecot: auth-worker(12046): passwd(test): invalid password field '*'

Hello. Sorry. Since 2.3.9 was released, I installed it immediately and tried to set "lmtp_add_received_header" to "no". But it seems different from what I wanted to do. The following is my configuration file. Please let me know if there are any other configuration files that need to be listed. Is there any way to avoid adding it to the ?received? header? -----

Hello, Absolutely, thanks, here it is: # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-8-amd64 x86_64 Debian 9.6 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no login_greeting = Welcome to easyMail. mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " mail_log

I receive a local mail when I do a 'mail test' on a backend svr1 with this[0] configuration. However when I just add only one configuration change 'lmtp_proxy = yes' I am getting these errors[1]. I would expect this email to still be delivered locally, should this be working or do I misunderstand the lmtp proxy functionality? [0] passdb { args = auth_verbose = default

HI All I have setup a dovecot proxy with remote auth, value nopassword in the passdb to make the auth remotely. With pop3 and imap the authentication is made on the remote server and this work perfectly. I have tested with wrong and correct password. Then I have added the postfix sasl and this also works fine, the request is made to dovecot. My problem is that with this method I can give any

It looks like the dovecot proxy can authenticate correctly but fails then on with this message Nov 23 23:33:33 test2 dovecot: pop3-login: Error: proxy: host not given: user=<test>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<LDTlHguYJth/AAAB> I have configured a host= in ldap for this user

I had a working proxy setup added sieve to it, and out of the blue I get this Error: proxy: Remote returned invalid banner: 220 No idea what to do, nothing even in the mail list archive

Hello List! I?ve following problem after updating dovecot... Error: (Empty password returned without nopassword) Jan 21 15:56:15 test-mi dovecot: auth(default): new auth connection: pid=83362 Jan 21 15:56:15 test-mi dovecot: auth(default): client in: AUTH 7 PLAIN service=imap lip=192.168.0.32 rip=192.168.0.86 lport=143 rport=2905 resp=AHRrdWV2NUBnb25lby5jb98AdGVzdHVzZXI1

Hi, I've been trying to build a password forwarding proxy to Gmail without success... The SSL connection to Dovecot is happening no problem (as far as I can tell), but for some reason the conversation between Dovecot and Gmail is getting timed out. I know this is supposed to be simple... :-( But could somebody please give me some help by pointing what I'm not doing right? No matter

Hi All, I can't get directory proxying of pop3 and imap working.? The director stuff appears to be OK - see below.?? The ldap authentication is working on the backend mail server.? I just get connection refused when I telnet to the proxy on the pop3 and imap ports.? Nothing appears to be running on the pop3 and imap ports despite the lines in the config below.? I am not sure what to do from