similar to: SASL from remote server

Hi, I understand from earlier discussions that the reason dovecot doesn't support proxying of other SASL mechanisms than those which supply the plaintext password is that in general it would be possible to proxy any SASL mechanism since it might protect against man-in-the-middle attacks (which would prevent proxying). However, that has led to choice between letting users use PLAIN (or

While auditing my logs after an account was compromised, I see a number of entries like: Jun 23 11:32:18 bubba dovecot: auth: ldap("one-of-my-accounts",127.0.0.1): invalid credentials I'm trying to figure out where this login attempt is coming from. I do run ASSP (an SMTP proxy) on this server, as well as Postfix - but I wouldn't think there'd be any communication with

At my company we've had a longstanding problem of not being able to send email from devices outside of our internal network and any specific IP address that we open the relay to. As it turns out, SASL has never been set up. I need to set up SASL ASAP but none of the guides I've found seem to work. This is the latest guide I tried: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL I

Hello, Is it possible to configure Dovecot as SASL client for central authentication (also remotely via TCP/TLS)? Following use case: IMAP server (host 1) <=> Windows Domain Controller and /etc/shadow authenticator via pam (host2) Should work as: IMAP server (host 1) <=> SASL Client via TLS <=> Network <=> SASL Server via TLS <=> Local SASL via pam <=>

Hi all, I seem to recall mention of SASL client support either being added, but can't remember for sure. The wiki says nothing about Client support (now, or in the future)... http://wiki2.dovecot.org/Sasl So - is there support for it now? If not, is it planned for anytime soon? Thanks, -- Best regards, Charles

Hi, I would like to setup an IMAP server with SASL and LDAP support. As far as I can see dovecot supports SASL and LDAP, but not the way I need it. If I understand dovecot correctly, it has it's own set of SASL mechnisms and uses the LDAP server just to store the plaintext password. In case of authentication dovecot fetches the plaintext password from LDAP and then performs the SASL

Hi, I experince some problems with setting up Sendmail with the LDAP database for virtual mail accounts. Why i'm not writing to the LDAP mailing list? I believe, that the reason of my problem is in configuring dovecot-deliver. What i have: ?- FreeBSD ?- sendmail (Version 8.14.4 with LDAP support installed from ports)? ?- Dovecot LDA + dovecot (as pop3/imap) ?- Cyrus Sasl (authdaemon for

hi, i talked to timo about re-licensing the sasl part of dovecot under a more liberal license (bsd/lgpl e.g.). it would allow the integration of it in bsd base systems. another reason i would be interested is adding sasl support to svnserve [1]. so here is my question: what is your oppinion about this issue? any objections from contributors? darix [1] http://subversion.tigris.org/ -- irssi

Is it possible to setup the following: 1. Primary mailserver with SMTP solutions and Dovecot. 2. Primary server will store recent mails. 3. Secondary server for archival storage and Solr. So I'm not looking for a distributed cluster - simply a splitting of designated functions. Clients would only be connecting to the primary server. I know Dovecot supports an alternate storage location -

I'm trying to use Dovecot to make administering ASSP a bit easier. I've created a mailbox with a number of subfolders (Spam, Ham, etc.) and have ASSP setup to save mail in the appropriate folder e.g. /var/mail/ASSP/.INBOX.Ham/new. But I'm having problems with ASSP complaining about the newly created files - I believe the file gets opened, then it disappears before ASSP finishes

Hi, I have compiled dovecot 1.0 and postfix 2.3 with dovecot support. here are my config sections dovecot in auth default section ---------- client { user = postfix group = postfix /path = /var/run/dovecot/auth-client mode = 0660 } postfix main.cf --------------------- smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sender_restrictions =

Hi, so sendmail can use only cyrus-sasl ? ok, thank you >Mario Pavlov wrote: >> I was wondering if I can make sendmail use dovecot's SASL >> implementation...maybe I should somehow compile it against dovecot's >> SASL ? My idea is to make sendmail and dovecot authenticate against >> one central user/password repository. Is this possible ? >>

Hello, Is anybody using the cyrus-sasl mysql backend on 4.3? I have problems with it, it keeps segfaulting whenever the process enters sasl code. Feizhou

Hi, just a question: I know that dovecot supports SASL authentication and supports LDAP. Which means that dovecot performs the SASL methods itself and stores the plaintext secret on LDAP. But it is also possible to have the LDAP do the SASL work and dovecot just pass SASL messages through? Even when the LDAP server uses a proprietary SASL method not supported by dovecot? regards Hadmut

I was browsing the wiki and found a section on what appears to be as close to "exactly what I'm looking for" as I've seen in a long time. http://wiki.dovecot.org/moin.cgi/DovecotPostgresql However, I'm not inclined to do very much "blind" configuration on my machines without first understanding the what/why of it all. My theory is that this helps me with the

CentOS Errata and Security Advisory 2007:0878 https://rhn.redhat.com/errata/RHSA-2007-0878.html The following updated files have been uploaded and are currently syncing to the mirrors: ia64: updates/ia64/RPMS/cyrus-sasl-2.1.15-15.ia64.rpm updates/ia64/RPMS/cyrus-sasl-devel-2.1.15-15.ia64.rpm updates/ia64/RPMS/cyrus-sasl-gssapi-2.1.15-15.ia64.rpm

Dear all, Would need some of your advise. As I was the trying to get postfix sasl working with samba AD. I've try to search online for a few examples some use ldap, kerberos or pam. I'm using winbind on that system and I wonder if we can use winbind with sasl. Or anyone have a more correct on how it should be done. My existing setup was working with ldap before moving to samba4.

Howdy, I know i've asked this before, but i think i got really no answer. I'd like to have dovecot SASL, to check AUTH against an SQL table, instead of dovecot SASL use the AUTH MECH for imap/pop3. I want this, to have the same behavior as I have now, where i use postfix with cyrus SASL on a different table (with the same login details), and when i have an user that his accounts

Hi, I am using dovecot imaps and exim, both authenticating using dovecot-sasl. To keep passwords in one place I would like to authenticate openldap users over dovecot-sasl. So looking at this page: http://www.openldap.org/doc/admin24/security.html I figure it could be done using Pass-Through authentication. For this, I need to create /usr/lib/sasl2/slapd.conf And adding a few config

Some of our users use to login as firstname.lastname or firstname.lastname at charite.de instead of using the "correct" "flastname" login name. In order to get this behaviour a long-gone co-worker wrote an authdaemon.pl, which speaks the courier-authdaemon protocol. How can I emulate this behaviour with dovecot? Basically, all I need is a usernamen mapping ala: