Configure Dovecot as the LDA


Post by c00kie » 22 Jul 2013, 20:52

Hi

I'd like to set up Dovecot, Sendmail and Roundcube. I can visit http://xxx.xxx.xx.xx/roundcube in a browser and sure enough am presented with a login screen. I then choose a random user from my system, say 'admin', and try logging in with the corresponding credentials, but Roundcube reports:
Code:
Connection to storage server failed.


[CMD]# tail -f /var/log/maillog[/CMD]
Code:
Jul 22 13:46:44 server dovecot: auth: Fatal: No passdbs specified in configuration file. PLAIN mechanism needs one
Jul 22 13:46:44 server dovecot: master: Error: service(auth): command startup failed, throttling for 60 secs
Jul 22 13:46:44 server dovecot: imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=xxx.xxx.xx.xx, lip=xxx.xxx.xx.xx, secured, session=<A8R7Qh3iUwDHZkxG>


My current [FILE]dovecot.conf[/FILE] file is very small:

[CMD]# cat /usr/local/etc/dovecot/dovecot.conf | less[/CMD]
Code:
ssl = no
disable_plaintext_auth = no


Can someone show me a basic [FILE]dovecot.conf[/FILE] file and provide some assistance with IMAP? I've seen dovecot-example.conf but need to start smaller and work up really.

Post by nk » 06 Aug 2013, 12:25

As your log shows, Dovecot doesn't know how users should be authenticated. The usual authentication methods are included in the [FILE]dovecot-example.conf[/FILE]. You could use it as a template and just comment out or delete the irrelevant lines.

Post by c00kie » 07 Aug 2013, 17:23

nk wrote: As your log shows, Dovecot doesn't know how users should be authenticated.


Thanks. After some further investigation, and using the Dovecot wiki as a reference point:

[CMD]cat dovecot.conf[/CMD]
Code:
# 2.2.4: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 9.0-RELEASE i386
passdb {
  driver = pam
}
service auth {
  user = root
}
userdb {
  driver = passwd
}
# Group to enable temporarily for privileged operations. Currently this is
# used only with INBOX when either its initial creation or dotlocking fails.
# Typically this is set to "mail" to give access to /var/mail.
mail_privileged_group = mail
 
mbox_very_dirty_syncs = yes

ssl = yes

ssl_cert =</etc/ssl/certs/GandiStandardSSLCA.pem
ssl_key =</etc/ssl/certs/mydomain.org.key
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem


In [FILE]/etc/pam.d/dovecot[/FILE]
Code:
auth    required        pam_unix.so
account required        pam_unix.so


[CMD] ps auxw|grep "dovecot"[/CMD]
Code:
root     6033   0.0  0.4  11224   2144  ??  Is   12:49PM   0:00.00 /usr/local/sbin/dovecot
dovecot  6034   0.0  0.3  11220   1744  ??  I    12:49PM   0:00.00 dovecot/anvil
root     6035   0.0  0.3  11220   1760  ??  S    12:49PM   0:00.00 dovecot/log
root     6037   0.0  0.4  11216   2120  ??  I    12:49PM   0:00.00 dovecot/config
root     6042   0.0  0.2   9748   1268   0  S+   12:50PM   0:00.00 grep dovecot


Still when I browse to [url=#]http://ip.ip.ip.ip/roundcube/[/url]

I now get a different error:

Code:
connection to storage server failed


From [FILE]/var/log/maillog[/FILE]
Code:
Aug  7 13:13:25 web dovecot: master: Fatal: Dovecot is already running with PID 6033 (read from /var/run/dovecot/master.pid)
Aug  7 13:13:51 web dovecot: imap-login: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY
Aug  7 13:13:51 web dovecot: master: Error: service(imap-login): command startup failed, throttling for 4 secs
Aug  7 13:16:56 web dovecot: imap-login: Fatal: Can't load private ssl_key: Key is for a different cert than ssl_cert
Aug  7 13:16:56 web dovecot: master: Error: service(imap-login): command startup failed, throttling for 8 secs



I don't understand, as my SSL is set up perfectly and the paths above are all correct?
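The two ssl_key errors in the log above each have a direct check: "no start line" means the file holds no PEM private key, and "Key is for a different cert than ssl_cert" means the public key in the certificate differs from the one derived from the private key. The sketch below runs both checks with the openssl command line; it is an added example, not posted by any participant, check_tls_pair is a hypothetical name, and the permission test is an extra check prompted by the key being stored under /etc/ssl/certs.

```sh
#!/bin/sh
# Added example (not from the thread): pre-flight check for the files that
# Dovecot's ssl_cert and ssl_key settings point at.
# check_tls_pair is a hypothetical helper name.
# Usage: check_tls_pair /path/to/cert.pem /path/to/key.pem
# Returns 0 ok, 2 bad key file, 3 bad cert file, 4 mismatch, 5 key too open.
check_tls_pair() {
    cert=$1
    key=$2

    # "PEM_read_bio:no start line": no "-----BEGIN ... PRIVATE KEY-----" header.
    if ! grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$key" 2>/dev/null; then
        echo "ssl_key: no PEM private key block in $key"
        return 2
    fi

    # Public key of the first certificate in the file. In a chain file the
    # server certificate has to come first, followed by the intermediates.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || {
        echo "ssl_cert: no readable certificate in $cert"
        return 3
    }

    # Public key derived from the private key (empty passphrase, never prompts).
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || {
        echo "ssl_key: cannot parse private key in $key"
        return 2
    }

    # "Key is for a different cert than ssl_cert": the two public keys differ.
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "mismatch: $key is not the key for the first certificate in $cert"
        return 4
    fi

    # The private key should be readable by its owner only.
    if [ -n "$(find "$key" \( -perm -040 -o -perm -004 \) -print)" ]; then
        echo "ssl_key: $key is readable by group or others"
        return 5
    fi

    echo "ok: $key matches $cert"
}
```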

Post by c00kie » 08 Aug 2013, 08:46

Hang on, it turns out I have two certificates, a main and an intermediary. So I edit [file]dovecot.conf[/file] to read my intermediate:

Code:
ssl_cert_file =</etc/ssl/certs/mycertificate.crt


And the error message from above vanishes.

[CMD]kill 7662 [/CMD] and restart [FILE]dovecot[/FILE].

Back to [FILE]maillog[/FILE] and more reports:
Code:
Aug  8 03:59:10 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7723, secured, session=<Dg56CGvjcQDHZkxG>
Aug  8 03:59:10 web dovecot: imap(admin): Error: user admin: Initialization failed: mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/admin
Aug  8 03:59:10 web dovecot: imap(admin): Error: Invalid user settings. Refer to server log for more information.


In [file]dovecot.conf[/file] try

Code:
mail_location = maildir:~/mail


I'm now able to access/login to the [FILE]roundmail[/FILE] web client, wuhoo. Try sending a message from my FreeBSD box (via [FILE]roundcube[/FILE] client) to my Yahoo account though and:

Code:
Aug  8 04:11:08 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7781, secured, session=<gddPM2vj0gDHZkxG>
Aug  8 04:11:09 web dovecot: imap(admin): Disconnected: Logged out in=29 out=466
Aug  8 04:11:09 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7783, secured, session=<q3hZM2vjLADHZkxG>
Aug  8 04:11:09 web dovecot: imap(admin): Disconnected: Logged out in=44 out=429
Aug  8 04:11:10 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7785, secured, session=<qnluM2vj3gDHZkxG>
Aug  8 04:11:10 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7788, secured, session=<T6VuM2vjbQDHZkxG>
Aug  8 04:11:10 web dovecot: imap(admin): Disconnected: Logged out in=50 out=469
Aug  8 04:11:11 web dovecot: imap(admin): Disconnected: Logged out in=82 out=495
Aug  8 04:11:29 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7790, secured, session=<YrSINGvjYgDHZkxG>
Aug  8 04:11:29 web dovecot: imap(admin): Disconnected: Logged out in=93 out=514
Aug  8 04:11:29 web dovecot: imap-login: Login: user=<admin>, method=PLAIN, rip=my.ip.ip.ip, lip=my.ip.ip.ip, mpid=7792, secured, session=<Wv2QNGvjcADHZkxG>
Aug  8 04:11:29 web dovecot: imap(admin): Disconnected: Logged out in=44 out=460
Aug  8 04:12:28 web sendmail[7794]: r788CS4C007794: Authentication-Warning: me.freebsd.net: www set sender to admin@my.ip.ip.ip using -f
Aug  8 04:12:28 web sendmail[7794]: r788CS4C007794: from=admin@my.ip.ip.ip, size=403, class=0, nrcpts=1, msgid=<429d00f3a9a3189937287a3956550355@acookson.org>, relay=www@localhost
Aug  8 04:12:28 web sm-mta[7795]: r788CSeX007795: ruleset=check_mail, arg1=<admin@my.ip.ip.ip>, relay=localhost [127.0.0.1], reject=553 5.1.8 <admin@my.ip.ip.ip>... Domain of sender address admin@my.ip.ip.ip does not exist
Aug  8 04:12:28 web sendmail[7794]: r788CS4C007794: to=myaccount@yahoo.com, ctladdr=admin@my.ip.ip.ip (80/80), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30403, relay=[127.0.0.1] [127.0.0.1], dsn=5.6.0, stat=Data format error
Aug  8 04:12:28 web sendmail[7794]: r788CS4C007794: r788CS4D007794: DSN: Data format error
Aug  8 04:12:28 web sm-mta[7795]: r788CSeX007795: from=<admin@my.ip.ip.ip>, size=403, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=localhost [127.0.0.1]
Aug  8 04:12:28 web sm-mta[7795]: r788CSeY007795: from=<>, size=2498, class=0, nrcpts=1, msgid=<201308080812.r788CS4D007794@me.freebsd.net>, proto=ESMTP, daemon=IPv4, relay=localhost [127.0.0.1]
Aug  8 04:12:28 web sendmail[7794]: r788CS4D007794: to=admin@my.ip.ip.ip, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31427, relay=[127.0.0.1], dsn=2.0.0, stat=Sent (r788CSeY007795 Message accepted for delivery)
Aug  8 04:12:28 web sm-mta[7797]: r788CSeY007795: to=<admin@my.ip.ip.ip>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=32498, relay=my.ip.ip.ip, dsn=5.1.2, stat=Host unknown (Name server: my.ip.ip.ip: host not found)
Aug  8 04:12:28 web sm-mta[7797]: r788CSeY007795: r788CSeX007797: postmaster notify: Host unknown (Name server: my.ip.ip.ip: host not found)
Aug  8 04:12:28 web sm-mta[7797]: r788CSeX007797: to=root, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=33522, relay=local, dsn=2.0.0, stat=Sent
Aug  8 04:12:56 web sendmail[7799]: r788CucH007799: Authentication-Warning: me.freebsd.net: www set sender to admin@my.ip.ip.ip using -f
Aug  8 04:12:56 web sendmail[7799]: r788CucH007799: from=admin@my.ip.ip.ip, size=403, class=0, nrcpts=1, msgid=<68dc0b059e75fe31d9e5aae68d85a27a@acookson.org>, relay=www@localhost
Aug  8 04:12:56 web sm-mta[7800]: r788CuVA007800: ruleset=check_mail, arg1=<admin@my.ip.ip.ip>, relay=localhost [127.0.0.1], reject=553 5.1.8 <admin@my.ip.ip.ip>... Domain of sender address admin@my.ip.ip.ip does not exist
Aug  8 04:12:56 web sendmail[7799]: r788CucH007799: to=myaccount@yahoo.com, ctladdr=admin@my.ip.ip.ip (80/80), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30403, relay=[127.0.0.1] [127.0.0.1], dsn=5.6.0, stat=Data format error
Aug  8 04:12:56 web sendmail[7799]: r788CucH007799: r788CucI007799: DSN: Data format error
Aug  8 04:12:56 web sm-mta[7800]: r788CuVA007800: from=<admin@my.ip.ip.ip>, size=403, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=localhost [127.0.0.1]
Aug  8 04:12:56 web sm-mta[7800]: r788CuVB007800: from=<>, size=2498, class=0, nrcpts=1, msgid=<201308080812.r788CucI007799@me.freebsd.net>, proto=ESMTP, daemon=IPv4, relay=localhost [127.0.0.1]
Aug  8 04:12:56 web sendmail[7799]: r788CucI007799: to=admin@my.ip.ip.ip, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31427, relay=[127.0.0.1], dsn=2.0.0, stat=Sent (r788CuVB007800 Message accepted for delivery)
Aug  8 04:12:56 web sm-mta[7802]: r788CuVB007800: to=<admin@my.ip.ip.ip>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=32498, relay=my.ip.ip.ip, dsn=5.1.2, stat=Host unknown (Name server: my.ip.ip.ip: host not found)
Aug  8 04:12:56 web sm-mta[7802]: r788CuVB007800: r788CuVA007802: postmaster notify: Host unknown (Name server: my.ip.ip.ip: host not found)
Aug  8 04:12:56 web sm-mta[7802]: r788CuVA007802: to=root, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=33522, relay=local, dsn=2.0.0, stat=Sent


When I'm composing the message in [FILE]roundcube[/FILE], the from field reads: admin<admin@my.ip.ip.ip> which doesn't look right. And clues are:

Code:
stat=Host unknown (Name server: my.ip.ip.ip: host not found)
relay=localhost [127.0.0.1], reject=553 5.1.8 <admin@my.ip.ip.ip>... Domain of sender address admin@my.ip.ip.ip does not exist


Is this a DNS issue or does [FILE]roundcube[/FILE] need some more configuration, or none of these?

Edit: I don't think it's DNS since I can send/receive emails from my FreeBSD box using mutt for instance.

Edit: Disregard all. It's a very simple solution. One has to set up [FILE]roundcube[/FILE] to use a fully qualified domain name. Instead of
Code:
admin<admin@my.ip.ip.ip>
one needs
Code:
admin@mydomain.net
or whatever domain you're using.

Once in Roundcube, go to [FILE]Settings > Identities[/FILE] and set or add these as you like. This solved it for me.
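The Dovecot-side failures in this thread (no passdb, then mail_location autodetection failing) and the cleartext-login settings in the first post's configuration can all be read off the configuration before a restart. The sketch below does that; it is an added example, not written by any participant, audit_dovecot_conf and the variable names are hypothetical, and it expects one setting or brace per line, as doveconf -n prints them.

```sh
#!/bin/sh
# Added example (not from the thread): audit a Dovecot 2.x configuration read
# from stdin, e.g.  doveconf -n | audit_dovecot_conf
# Simplification: everything after '#' on a line is treated as a comment.
# Prints one line per finding; returns 1 if there is any finding, else 0.
audit_dovecot_conf() {
    awk '
    { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # strip comments, trim
    /[{]$/  { if (depth == 0) { split($0, w, /[ \t]+/); block[w[1]] = 1 }
              depth++; next }                         # "passdb {", "service auth {"
    /^[}]$/ { depth--; next }
    depth == 0 && /=/ {                               # top-level "key = value"
        key = $0; sub(/[ \t]*=.*/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val)
        conf[key] = val
    }
    END {
        if (!("passdb" in block)) {
            print "FAIL passdb: no passdb block, auth cannot start"; n++ }
        if (!("userdb" in block)) {
            print "FAIL userdb: no userdb block"; n++ }
        if (!("mail_location" in conf)) {
            print "WARN mail_location: unset, relies on autodetection"; n++ }
        # Plaintext mechanisms enabled while TLS is off or only optional.
        if (conf["disable_plaintext_auth"] == "no" && conf["ssl"] != "required") {
            print "FAIL cleartext: plaintext logins allowed without TLS"; n++ }
        exit (n > 0)
    }'
}

# Sample inputs taken from the configurations posted in this thread
# (the second one shortened to the settings the audit looks at).
FIRST_CONF='ssl = no
disable_plaintext_auth = no'
SECOND_CONF='passdb {
  driver = pam
}
service auth {
  user = root
}
userdb {
  driver = passwd
}
mail_privileged_group = mail
ssl = yes'
```

Run as `printf '%s\n' "$FIRST_CONF" | audit_dovecot_conf`; the first configuration yields three FAIL lines and the mail_location warning, the second only the warning.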

protocols

Post by mroussin51 » 09 Aug 2013, 02:58

Hello [user]cOOkie[/user],

I noticed that your [FILE]dovecot.conf[/FILE] does not contain any protocols defined. I am pretty sure that [FILE]roundcube[/FILE] is going to need IMAP like this:

[FILE]/usr/local/etc/dovecot.conf[/FILE]
Code:
# Protocols we want to be serving: imap imaps pop3 pop3s managesieve
# If you only want to use dovecot-auth, you can set this to "none".
protocols = imap


I am using [FILE]squirrelmail[/FILE] and the only change I have to make to [FILE]dovecot.conf[/FILE] is to the protocols. I hope this is helpful.

Regards

mroussin51

I am sorry I see you had solved your issue

Post by mroussin51 » 09 Aug 2013, 03:17

Dear [user]cOOkie[/user],

I did not notice you had solved your issue. I apologize for chiming in.

Regards,

mroussin51

