Am 12.07.2016 um 16:24 schrieb Admin Beckspaced:
that way dbmail has no need to deal with anything in context of TLS and
143 with STARTTLS as well as 993 with the wrapper work and the same for
POP3
thanks for your reply and the hint of using dovecot as a proxy in front
of dbmail.
could you perhaps point me to a proper and up-to-date how to? working
config file?
that would be awesome ;)
_________________________________________________________
[root@testserver:~]$ cat /etc/dovecot/dovecot.conf
# provided services
# Only the IMAP and POP3 front ends are enabled in this Dovecot instance.
protocols = imap pop3
# configure ssl
# "yes" offers TLS but does not require it, so a client on 143/110 may stay
# in cleartext. NOTE(review): "ssl = required" is the value that enforces TLS.
ssl = yes
# Certificate and private key are both read from the same PEM file.
# NOTE(review): that file contains the private key - confirm its permissions
# limit read access to root.
ssl_cert = </etc/postfix/certs/localhost.pem
ssl_key = </etc/postfix/certs/localhost.pem
# NOTE(review): the value appears to have been wrapped onto its own line by
# the mail archive; in the real file it has to follow "=" on the same line.
# NOTE(review): the list still contains 3DES suites (ECDHE-RSA-DES-CBC3-SHA,
# DES-CBC3-SHA; 64-bit block cipher) and plain-RSA key exchange suites without
# forward secrecy (AES128-SHA, CAMELLIA128-SHA, ...). Review before reuse.
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA
# Only SSLv2 and SSLv3 are switched off here, so TLS 1.0 and TLS 1.1 stay
# enabled. Dovecot 2.3 and later replace this setting with ssl_min_protocol.
ssl_protocols = !SSLv2 !SSLv3
# The server's cipher order wins over the client's preference.
ssl_prefer_server_ciphers = yes
# Turns off TLS compression and TLS session tickets.
ssl_options = no_compression,no_ticket
# configure imap-proxy
# Login service for IMAP: one listener on 143 and one on 993 (per the mail
# text, 143 is used with STARTTLS and 993 with the TLS wrapper).
# NOTE(review): nothing in this file forces STARTTLS on 143 ("ssl = yes" and
# "disable_plaintext_auth = no"), so cleartext logins on 143 are accepted.
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
}
vsz_limit = 512M
# service_count = 0 together with process_limit = 1 means a single login
# process serves every connection (Dovecot's "high-performance mode").
# NOTE(review): a flaw in that process or in the TLS library then affects all
# sessions handled by it; service_count = 1 gives one process per connection.
service_count = 0
process_min_avail = 0
process_limit = 1
# Upper bound on simultaneous client connections in that one process.
client_limit = 300
}
# configure pop3-proxy
# Login service for POP3: one listener on 110 and one on 995.
# NOTE(review): with "ssl = yes" and "disable_plaintext_auth = no" in this
# file, port 110 accepts logins that never upgrade to TLS.
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
}
vsz_limit = 512M
# Single shared login process for all POP3 connections (service_count = 0,
# process_limit = 1); no per-connection process isolation.
service_count = 0
process_min_avail = 0
process_limit = 1
# Upper bound on simultaneous client connections in that one process.
client_limit = 300
}
# default settings
# NOTE(review): this value and auth_mechanisms below appear to have been
# wrapped by the mail archive; each is a single line in the real file.
# Capability string announced by the proxy; it mirrors the dbmail [IMAP]
# capability line except for AUTH=LOGIN.
imap_capability = IMAP4 IMAP4rev1 ACL RIGHTS=texk
NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
login_greeting =
# Login log lines carry user (%u), remote IP (%r), auth mechanism (%m) and
# the TLS state (%c), which makes non-TLS logins visible in the logs.
login_log_format_elements = user=<%u> %r %m %c
login_log_format = %$: %s
mail_max_userip_connections = 100
# Challenge-response mechanisms (CRAM-MD5, DIGEST-MD5, SCRAM-SHA-1, APOP) need
# the server to hold the plaintext password or a mechanism-specific hash;
# this setup stores plaintext (see default_pass_scheme in sql.conf).
# LOGIN and PLAIN send the password itself and rely on TLS for protection.
auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP
LOGIN PLAIN
# NOTE(review): "no" lets LOGIN/PLAIN run on connections without TLS, so
# passwords can cross the network in cleartext on 143/110. Set to "yes"
# (or use "ssl = required") unless legacy clients really need this.
disable_plaintext_auth = no
shutdown_clients = no
version_ignore = yes
# Logging
# Dovecot logs go to syslog under the "mail" facility.
syslog_facility = mail
# authentication process
# Failed authentications are answered after a 10 second delay.
# NOTE(review): the password_query in sql.conf returns nodelay='Y'; confirm
# how that interacts with this delay for existing accounts.
auth_failure_delay = 10
auth_worker_max_count = 50
# Authentication results (including negative ones) are cached for 600 s.
auth_cache_size = 16384
auth_cache_ttl = 600
auth_cache_negative_ttl = 600
# NOTE(review): the two values below appear wrapped by the mail archive.
# Characters accepted in user names; anything else is rejected before lookup.
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
# Pairs of from/to characters: "%" becomes "@" and upper case becomes lower
# case before the user name is used in the passdb query.
auth_username_translation =
%@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
# debug options
# All debug output is off; auth_debug_passwords = no keeps passwords out of
# the logs and should stay that way outside of short troubleshooting windows.
auth_debug = no
auth_debug_passwords = no
# NOTE(review): with auth_verbose = no the auth process does not log failed
# attempts and their reasons; consider enabling it if failed-login monitoring
# depends on these logs.
auth_verbose = no
mail_debug = no
verbose_ssl = no
# configure proxy-database
# Passwords and proxy destinations come from the SQL query in sql.conf.
# NOTE(review): that file holds the database password; keep it readable only
# by root / the Dovecot auth user.
passdb {
driver = sql
args = /etc/dovecot/sql.conf
}
# we are not using local users
# Every user maps to the same fixed uid/gid with no usable home directory;
# mail access itself is proxied to dbmail.
userdb {
driver = static
args = static uid=10000 gid=10000 home=/dev/null
}
# configure backend for postfix sasl-auth
# Auth socket placed inside the Postfix spool so smtpd can use Dovecot SASL.
# Mode 0660 with owner and group postfix limits who can query the auth
# service through this socket.
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
_________________________________________________________
[root@testserver:~]$ cat /etc/dovecot/sql.conf
# Dovecot SQL passdb settings: how to reach the dbmail database and which
# query returns the password plus the proxy fields.
driver = mysql
# NOTE(review): "connect" and "password_query" appear to have been wrapped by
# the mail archive; each is one logical line in the real file.
# The connection goes over a local MySQL unix socket. The line contains the
# database password (masked here), so restrict read access to this file.
connect = host=/var/lib/mysql/mysqld_dbmail.sock
dbname=dbmail user=dbmail password=**mysql-pwd**
# Returns the stored password for verification at the proxy and tells Dovecot
# to proxy the session to 127.0.0.1, port 20110 for POP3 or 20143 otherwise,
# logging in to dbmail as destuser with the same stored password ("pass").
# NOTE(review): forwarding "passwd AS pass" only works because dbmail_users
# keeps the password in plaintext; anyone with read access to that table or a
# database dump obtains every mailbox password.
# NOTE(review): nodelay='Y' is returned for every existing user - confirm the
# effect on auth_failure_delay is intended.
password_query = SELECT passwd as password, '127.0.0.1' as host,
IF('%Us'='POP3','20110','20143') as port, userid as destuser, passwd AS
pass, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS proxy FROM dbmail_users
WHERE userid='%u';
# Passwords without an explicit scheme prefix are treated as plaintext.
default_pass_scheme = plain
_________________________________________________________
[root@testserver:~]$ cat /etc/dbmail.conf
[DBMAIL]
# NOTE(review): the dburi value appears wrapped by the mail archive; it is a
# single line in the real file.
# The URI embeds the database password (masked here); restrict read access to
# this file to root and the dbmail user.
dburi =
mysql://dbmail:**mysql-pwd**@localhost/dbmail?unix-socket=/var/lib/mysql/mysqld_dbmail.sock&charset=utf8
# Authentication is done against the SQL user table, the same table the
# Dovecot password_query reads.
authdriver = sql
table_prefix = dbmail_
max_db_connections = 10
default_msg_encoding = utf8
postmaster = postmas...@testserver.rhsoft.net
sendmail = /usr/sbin/sendmail
syslog_logging_levels = 31
query_time_info = 10
query_time_notice = 20
query_time_warning = 30
query_timeout = 300
# The daemons run as the unprivileged dbmail user and group.
effective_user = dbmail
effective_group = dbmail
backlog = 256
timeout = 300
login_timeout = 60
resolve_ip = no
# NOTE(review): authlog is off, so dbmail itself keeps no record of login
# attempts - presumably the Dovecot login logs are the audit trail; confirm.
authlog = no
logfile = /var/log/dbmail.log
errorlog = /var/log/dbmail.err
pid_directory = /run/dbmail
header_cache_readonly = yes
# LMTP, POP3 and IMAP are all bound to 127.0.0.1, so they are reachable only
# from the local host; remote clients have to go through the Dovecot proxy,
# which is where TLS is terminated.
[LMTP]
bindip = 127.0.0.1
port = 24
banner = LMTP
timeout = 1800
max_db_connections = 1
[POP]
bindip = 127.0.0.1
# Must match the POP3 port returned by the Dovecot password_query (20110).
port = 20110
pop_before_smtp = no
banner = POP3
timeout = 1800
[IMAP]
bindip = 127.0.0.1
# Must match the IMAP port returned by the Dovecot password_query (20143).
port = 20143
idle_timeout = 35
imap_before_smtp = no
# NOTE(review): the capability value appears wrapped by the mail archive.
# The backend only announces AUTH=LOGIN; the proxy logs in with the plaintext
# password over the loopback interface.
capability = IMAP4 IMAP4rev1 AUTH=LOGIN ACL RIGHTS=texk
NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
banner = IMAP
timeout = 3600
max_message_size = 26214400
# NOTE(review): unlike LMTP/POP/IMAP (bound to 127.0.0.1), the sieve service
# listens on all interfaces. The Dovecot proxy in this setup only fronts
# imap and pop3, and no TLS settings for dbmail are shown, so logins on port
# 2000 are presumably unencrypted - bind to 127.0.0.1 or firewall the port
# unless remote access is required and protected some other way.
[SIEVE]
bindip = *
port = 2000
banner = SIEVE
# Delivery-time behaviour: auto-replies, duplicate suppression, sieve script
# execution and subaddressing are on; sieve vacation/notify, sieve debugging
# and auto-notify are off.
[DELIVERY]
auto_reply = yes
suppress_duplicates = yes
sieve = yes
subaddress = yes
sieve_vacation = no
sieve_notify = no
sieve_debug = no
auto_notify = no
quota_failure = hard
_________________________________________________________
well, and after that you can use dovecot for sasl-auth in postfix too
(main.cf) making sure everything is using the same database and auth-mechs
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
thanks a lot for sending the configs, gladly appreciated ;)
will dig into it and report back ...
greetings
becki