[SDBUG] Authorization problem on email server

Al Plant webmaster at hawaiidakine.com
Sun Jul 9 12:42:19 PDT 2006 

Gregory Sutter wrote:
> On 2006-07-08 18:45 -0700, Gregory Sutter <gsutter at zer0.org> wrote:
> 
>>On 2006-07-08 14:33 -1000, Al Plant <webmaster at hawaiidakine.com> wrote:
>>
>>>FreeBSD 6.1
>>>I have installed sendmail imap and pop3. I  tried installing dovecot. I 
>>>can still send from the admin at hdk5.net user to anywhere on the inet. 
>>>However, I get a bad authentication passwd err for the same user when I 
>>>try to download his mail.
>>>The server box has ssh and I can get onto it with the password assigned 
>>>with no problem. Doesn't the dovecot use the same account passwd for the 
>>>account? Or do I have to enable ssl to use the ssh passwrd system which 
>>>is encrypted? I just left ssl off to run unencrypted for testing.
>>
>>The (/usr/local/etc/)dovecot.conf file controls how dovecot handles
>>authentication.  Look for the auth_userdb and auth_passdb settings.
>>Also check the links referred to in the comments in that config file.
> 
> 
> Also, using your system password file and PLAIN authentication over
> your unencrypted test setup is not a good idea.  SSL!
> 
> Here's my dovecot.conf for reference.  Note that with the
> default_mail_env below, postfix has to be set with the
>   home_mailbox = Maildir/
> to match.
> 
> $ egrep -v "^#" dovecot.conf | egrep -v "^$"
> base_dir = /var/run/dovecot/
> protocols = imaps pop3s
> ssl_disable = no
> ssl_cert_file = /etc/ssl/certs/imapd.pem
> ssl_key_file = /etc/ssl/private/imapd.pem
> ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
> ssl_parameters_regenerate = 23
> disable_plaintext_auth = yes
> login_dir = /var/run/dovecot/login
> login_chroot = yes
> login = imap
> login_user = dovecot
> login_processes_count = 16
> login = pop3
> verbose_proctitle = yes
> first_valid_uid = 1000
> last_valid_uid = 1999
> first_valid_gid = 0
> valid_chroot_dirs = /var/mail
> default_mail_env = maildir:~/Maildir
> client_workarounds = oe6-fetch-no-newmail outlook-idle outlook-pop3-no-nuls
> maildir_copy_with_hardlinks = yes
> auth = default
> auth_mechanisms = plain
> auth_userdb = passwd
> auth_passdb = passwd
> auth_user = root
> auth_verbose = yes
> 
> 

Thanks for the help.

Aloha Gregory,

I havent any reference books with anything but a line or to on SSL. So I 
am not up on it. I use SSH on the logins to all the servers. In the 
etc/passwd file on the FreeBSD server the users are created with SSH. 
Can you recommend a book or on line reference on how SSH and SSL work 
combined and  do they play nicely together?

I couldnt get posfix to work on this server using the how to's I had. So 
I set up sendmail and got it to work with the smtp. It appears that the 
authentication is the issue as everything else works and the /var/mail 
log doesnt have any errors.

In the dovecot I chose the /Maildir, but does this send the sendmail to 
where its supposed to? The dovecot how_to seems to suggest that.

I will follow your instructions and see if it works now. I have tested 
with Dovecot Starting up tests and it shows OK.

I dont have any FreeBSD boxes here with IMAP to test that service. My 
thought was that most of the people in the group I belong to use MAC or 
MS and I think those mailers are pop3. I thought that since your file 
showed login = pop3 that would be ok. Right?

I really appreciate your coaching with this. Many thanks.

Al Plant

  -- Webmaster- http://hawaiidakine.com Admin- http://freebsdinfo.org --
Supporting Open Source Computing - - FreeBSD 6.* -- Debian Linux 3*
"All that's really worth doing is what we do for others."- Lewis Carroll

More information about the SDBUG mailing list