Hi, I may be totally wrong, but…
Gary Stainburn via Exim-users <exim-users@exim.org> (Mi 01 Feb 2023 14:02:06 CET): > driver = dovecot > public_name = LOGIN > server_socket = /var/run/dovecot/auth-client > server_set_id = $auth1 > > dovecot_plain: > driver = dovecot > public_name = PLAIN > server_socket = /var/run/dovecot/auth-client > server_set_id = $auth1 Sure about $auth1? Isn'tit $auth2 in case of the PLAIN driver? > 2023-02-01 12:50:11 dovecot_login authenticator failed for hub.******** > ([10.1.1.103]) [**.**.**.**]: 435 Unable to authenticate at present: unable > to connect to UNIX socket (/var/run/dovecot/auth-client): Permission denied Yes, Exim connects to the socket as the Exim runtime user, but the permissions on the socket are a way to tight. I think, either set the socket to 666, or make 660 and assign it to a group, Exim belongs to (though I'm not sure, if Exim "joins" its supplementary groups (aka initgroups(3)) for auth purpose.) I'm not sure about the security impact of widening the permissions on this socket. In theory it can be used to do mass-checking of auth credentials. The permissions and ownership of the socket can be set in the dovecot config file. -- Heiko
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
