just an fyi
postfix runs it's own authenticaion especially with virtual users
please note below is based on pgsql but the concept is the same for
passwd - have not used that for a while
simply put virtual users both with postfix & dovecot works way better
with a pgsql database running the show
-rw-r--r-- 1 root vmail uarch 565B Feb 20 05:30 pgsql-aliases.cf
-rw-r--r-- 1 root vmail uarch 434B Feb 20 05:30 pgsql-canonical.cf
-rw-r--r-- 1 root vmail uarch 457B Feb 20 05:31
pgsql-mydestination.cf
-rw-r--r-- 1 root vmail uarch 568B Feb 20 05:31 pgsql-virtual.cf
# cat pgsql-virtual.cf
# **** pgsql-virtual.cf ***
#
# pgsql config file for alias lookups on postfix
# comments are ok.
#
# the user name and password to log into the pgsql server
hosts = dovecot-mail18.scom.ca:5433
user = pgsql
password = xxxxxxxx
# the database name on the servers
dbname = xxxxxxx
# the table name
table = email_users
#
#Select source email address alias (ie sales@ etc aliases )
where_field = source
#Select destination email account address (final delivery)
select_field = destination
#Account Status (1=good)
additional_conditions = and status = '1'
in main.cf (postfix)
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
#Postgres Stuff
mydestination = pgsql:/usr/home/postfix/config/pgsql-mydestination.cf
#virtual_maps=pgsql:/usr/home/postfix/config/pgsql-virtual.cf
alias_maps=pgsql:/usr/home/postfix/config/pgsql-aliases.cf
#sender_canonical_maps = pgsql:/usr/home/postfix/config/pgsql-canonical.cf
dovecot config :
# cat dovecot-pgsql.conf
driver = pgsql
connect = host=dovecot-mail18.scom.ca port=5433 dbname=xxxx user=pgsql
password=xxxx
default_pass_scheme = PLAIN
password_query = SELECT username as user, password FROM email_users
WHERE username = '%u' and password <> 'alias' and status = True and
destination = '%u'
user_query = SELECT home, uid, gid FROM email_users WHERE username =
'%u' and password <> 'alias' and status = True and destination = '%u'
#iterate_query = SELECT user, password FROM email_users WHERE username =
'%u' and password <> 'alias' and status = True and destination = '%u'
iterate_query = SELECT "username" as user, domain FROM email_users WHERE
status = True and alias_flag = False
I can help further if needbe (more complete info), just trying to point
you in the right direction.
Happy Thursday !!!
Thanks - paul
Paul Kudla
Scom.ca Internet Services <http://www.scom.ca>
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email p...@scom.ca
On 7/5/2023 11:26 PM, jeremy ardley via dovecot wrote:
On 6/7/23 10:17, joe a wrote:
Greetings from a new dovecot user.
Have setup dovecot on openSuse 15.4 with postfix as the MTA. Both are
the latest version in that distribution.
Simple virtual user setup using /etc/dovecot/passwd
Dovecot seems to be working and all the defined users are
authenticating well enough for imapsync to migrate files to the
mailboxes.
However, when attempting to send test mail via postfix, only some
users are authenticated and have mail delivered. Using swaks (smtp
toolkit) the failures are: 550 5.1.1 <some.u...@mydomain.com>:
Recipient address rejected: User unknown in local recipient table
I'm puzzled, probably some simple thing overlooked. To avoid clutter,
I won't include postfix items unless asked.
dovecot --version 2.3.20 (80a5ac675d)
dovecot -n
# 2.3.20 (80a5ac675d): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.20 (149edcf2)
# OS: Linux 5.14.21-150400.24.66-default x86_64
# Hostname: flitch
auth_verbose = ob-fuskate
disable_plaintext_auth = no
first_valid_uid = 100
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/passwd
driver = passwd-file
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap lmtp
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = no
ssl_cipher_list =
ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/home/vmail/%u
driver = static
}
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
The issue you're experiencing might be due to the fact that you have two
passdb and userdb blocks in your configuration. Dovecot will use the
first passdb and userdb that successfully authenticate a user, and
ignore the rest.
In your configuration, the first passdb block uses PAM for
authentication, and the first userdb block uses the system's passwd
file. The second passdb and userdb blocks, which use a Dovecot-specific
passwd file and static userdb, will only be used if PAM authentication
fails.
If some of your users are defined in the Dovecot passwd file and not in
the system's passwd file, they will not be able to authenticate because
Dovecot will stop at the first passdb and userdb blocks.
To fix this, you could merge your passdb and userdb blocks into single
blocks that use both PAM and passwd-file/static methods. Here's an example:
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/passwd
driver = passwd-file
}
userdb {
driver = passwd
}
userdb {
args = uid=vmail gid=vmail home=/home/vmail/%u
driver = static
}
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
