similar to: Dovecot SASL

Hi, I just moved from Cyrus SASL to Dovecot SASL, with postfix. Works great, and no issue with non-ascii chars, has i had with Cyrus. With Cyrus i was getting the username/passwd via SQL, with this: sql_select: select password from smtp_auth_users where username='%u@%r' and status='true' worked ok for users with email addresses, and i had some special users that were just a

Howdy, I'm going back to this matter, to finish the replacement os cyrus SASL per dovecot-SASL. I want to have the same functionality that i had before, that is, SASL check's AUTH agains a different table than the users one. I was looking in the dovecot-SASL docs, and i see nothing related. (https://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL) Does someone have an ideia on how to

On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote: > Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot: >> Howdy, >> >> I'm using dovecot and mysql users, and i'm creating the password with: >> >> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) >> >> So far so good, everything's fine. >>

Hello, The world is not black or white. Yes CRAM-MD5 is old and his successor SCRAM-XXXXXX is not widely available/implemented which is sad. For your need, use TLS and forget about it. Thunderbird is conservative. If you don't configure TLS or TLS is not available, it try to use something that not expose the password. There is plenty of context where TLS is not possible/desirable. And

Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least) IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't authenticate. What am i doing wrong, or

Jorge Bastos via dovecot skrev den 2019-11-13 22:00: > How can i have the same with dovecot SASL? > Thanks in advanced, https://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Hi benny, Thanks, That's exactly what i have in postfix: smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes plus: smtpd_sasl_local_domain = fastmail but the user that i have

Gedalya skrev den 2015-03-27 14:48: >> is it possible to configure configure haproxy to work with postfix >> sasl and dovecot auth like this: >> clients -> 25:postfix -> 20025:haproxy -> 20025:auth-backend-1, >> 20025:auth-backend-2 > Why don't you set up a dovecot locally (with only auth service) on > each postfix box? cyrus-sasl is still needed, and

I will install cyrus-sasl and see how it goes. Anyway, it would be nice to have same features (authentication agains imap) in dovecot. On 27 Mar 2015, at 16:27, Benny Pedersen <me at junc.eu> wrote: > Edgaras Luko?evi?ius skrev den 2015-03-27 14:58: > >> I don?t want to allow public network facing servers to be able to >> reach passwords database. And I want to

Hi all, I seem to recall mention of SASL client support either being added, but can't remember for sure. The wiki says nothing about Client support (now, or in the future)... http://wiki2.dovecot.org/Sasl So - is there support for it now? If not, is it planned for anytime soon? Thanks, -- Best regards, Charles

Can?t dovecot authenticate against imap? What I need is to make smtp authentication balanced and keep everything in backend (private network) On 27 Mar 2015, at 13:29, Benny Pedersen <me at junc.eu> wrote: > Edgaras Luko?evi?ius skrev den 2015-03-27 12:21: > >> is it possible to configure configure haproxy to work with postfix >> sasl and dovecot auth like this:

Hi Is it possible to secure the Dovecot SASL auth provider for postfix? https://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL I'm currently using the inet option to provide SASL auth to postfix for dovecot. Both installs are on different hosts hence the use of inet rather than unix socket. I'm looking for the best way to secure this channel (rather than just assuming the VLAN is secure

Hi, 2.2.33.2 Well your confs are almost mine except for director_ping_idle_timeout = 30 secs submission_relay_max_idle_time = 29 mins but i think they're not imap related (i may be wrong) any other hint why is this happening? I was used to the old IMAP server than dovecot, where emails appear in the inbox, no matter if it was selected for 15m or the last 4 hours Any ideia please let me

Hello! Dovecot uses it's own SASL implementation, doesn't it? Aug 14 23:45:23 example.com auth[10428]: GSSAPI client step 1 Aug 14 23:45:23 example.com auth[10428]: encoded packet size too big (813804546 > 65536) Aug 14 23:45:23 example.com dovecot[10085]: auth-worker(10428): Error: LDAP: Can't connect to server: ldap://ipa2.example.com Aug 14 23:45:23 example.com

> On 15/08/2019 00:34 Eugene via dovecot <dovecot at dovecot.org> wrote: > > > The next combination of parameters makes 100% LDAP connections unsuccessful (the log snippet form the previous mail). > sasl_bind = yes > sasl_mech = gssapi > tls = yes > > Looks like this combination is utterly incorrect and should be prohibited (tls must not be used when mech is

I suspect the problem is that dovecot tries to report LDAP error over GSSAPI. So the best fix is to make sure your LDAP server does not return error. =) Aki On 15.8.2019 14.56, Eugene Bright wrote: > That's right. > GSS-API is not used anywhere else. > Do you like to inspect my full configuration? > I can dump connection session and send pcap file here. > > On August 15,

I don?t want to allow public network facing servers to be able to reach passwords database. And I want to segregate roles of the servers. If I will setup dovecot locally I will still have to provide it access to database (eg. /etc/dovecot/dovecot-sql.conf.ext). On 27 Mar 2015, at 15:49, Benny Pedersen <me at junc.eu> wrote: > Edgaras Luko?evi?ius skrev den 2015-03-27 14:34: >>

I'm trying to set up SMTP authentication on my server and am getting an authentication failed error. My client is set up to automatically select authentication method and tries CRAM_MD5. The http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL suggests "passdb pam" and "userdb passwd" -- is it possible to configure sasl authentication using a dovecot.conf like

I wanted to mention I updated the Postfix and Dovecot SASL wiki entry yesterday. http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL The entry: submission inet n - - - - smtpd was incorrect. It should be: submission inet n - n - - smtpd By specifying n for chroot, it ensures that DNS lookups can occur. Otherwise, if you are using reject_unknown_recipient_domain the following error will

Hi This is my 1st time here so please be gentle. I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection Version

hi everyone could someone show me there sasl configuration section in their dovecot.conf, i have postfix and dovecot setup for virtual users (no system users) everything works fine including tls, i have tried various examples off the web for sasl but they either have obsolete parameters or are for a setup with system users, i would prefer to use dovecots sasl implementation. dovecot --version =