Dovecot and the Maildir path


Dovecot and the Maildir path

Will Merkens
System basics
    CentOS 7.3
    Dovecot 2.2.32 (dfbe293d4)


I am working on a replacement mail server for work and one of the features I wanted was LDAP authentication.

After much fiddling I got it to work.

But I encountered an issue where two different methods of testing a mail account resulted in the mail_location being different.

I set mail_location = maildir:/var/spool/maildir/%d/%n/Maildir in dovecot.conf.

When I test the authentication and to see if the folders are created correctly on first use, I have two results depending on how I test.

First test was from openssl

    openssl s_client -connect mail2:993

I have no problem connecting, I issue the following commands

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
a login [hidden email] ********
a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE] Logged in
a list "" *
* LIST (\HasNoChildren) "." INBOX
a OK List completed (0.001 + 0.000 secs).
* BYE Disconnected for inactivity.
closed

But when I look in the mail server at /var/spool/maildir, the testuser is not created inside of userful.com but at the same level as userful.com, contrary to the %d in mail_location settings.

Now second method

doveadm -D mailbox list -u '[hidden email]'

This correctly creates the user under the domain as specified.

for logs I have from journalctl

for openssl

Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: client in: AUTH        2        PLAIN        service=imap        secured        session=VgBmvMNcQoTAqHsn        lip=192.168.123.236        rip=192.168.123.39        lport=993        rport=33858        resp=AHRlc3R1c2VyQHVzZXJmdWwuY29tADk5dGVzdHVzZXI5OQ== (previous base64 data may contain sensitive data)
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email],192.168.123.39,<VgBmvMNcQoTAqHsn>): bind search: base=ou=People,dc=userful,dc=ca filter=(&(objectClass=posixAccount)(uid=testuser))
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email],192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser; uid unused
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email],192.168.123.39,<VgBmvMNcQoTAqHsn>): username changed [hidden email] -> testuser
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: client passdb out: OK        2        user=testuser                original_user=[hidden email]
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: master in: REQUEST        2784755713        10725        2        d4a357fe811a1da8bd725b82fc1da2ab        session_pid=11051        request_auth_token
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): user search: base=ou=People,dc=userful,dc=ca scope=subtree filter=(&(objectClass=posixAccount)(uid=testuser)) fields=homeDirectory,uidNumber,gidNumber
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000; homeDirectory,uidNumber,gidNumber unused
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: master userdb out: USER        2784755713        testuser        home=/nfs/home/test-user        uid=6000        gid=1000        auth_token=29e6ac32c85cf1b69eeabbe8e4f8e4810e9a3468        auth_user=[hidden email]
Oct 30 07:37:12 mail2 dovecot[10722]: imap-login: Login: user=<testuser>, method=PLAIN, rip=192.168.123.39, lip=192.168.123.236, mpid=11051, TLS, session=<VgBmvMNcQoTAqHsn>




for doveadm

Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: master in: USER        1        [hidden email]        service=doveadm
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email]): user search: base=ou=People,dc=userful,dc=ca scope=subtree filter=(&(objectClass=posixAccount)(uid=testuser)) fields=homeDirectory,uidNumber,gidNumber
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email]): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000; homeDirectory,uidNumber,gidNumber unused
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email]): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: userdb out: USER        1        [hidden email]        home=/nfs/home/test-user        uid=6000        gid=1000

Any ideas, and any settings files that I need to post?




--
William Merkens
IT Support Analyst
Userful Corporation
+1 403.289.2177 ext.289
+1 866 USERFUL (1-866-873-7385)
Suite 300, 736 8th Ave. SW
Calgary AB T2P 1H4

Managed Desktops Done Right.
http://www.userful.com

Re: Dovecot and the Maildir path

Steffen Kaiser-9

On Mon, 30 Oct 2017, Will Merkens wrote:

> But when I look in the mail server at /var/spool/maildir the testuser is not created inside of userful.com but at the same level as userful.com contrary to the
> %d in mail_location settings.
>
> doveadm -D mailbox list -u '[hidden email]'

this command bypasses passdb.

> Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email],192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser; uid unused
> Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap([hidden email],192.168.123.39,<VgBmvMNcQoTAqHsn>): username changed [hidden email] -> testuser
> Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser

your passdb strips the domain.

> Any ideas and any settings files that I need to post.

Check the LDAP settings for "user" extra field

--
Steffen Kaiser
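
The mismatch diagnosed in this thread, as an added example (not code from either poster or from Dovecot): it expands the mail_location template from the first post for the username before and after the passdb rewrite, and scans auth debug lines for "username changed" events that drop the domain. The log lines are constructed, with example.com standing in for the archive-hidden address, and the function names are hypothetical.

```python
import re

# mail_location template quoted in the first post.
MAIL_LOCATION = "maildir:/var/spool/maildir/%d/%n/Maildir"

def expand(template, username):
    """Expand %u, %n and %d: %n is the part before '@', %d the part
    after it, and %d is empty when the username has no '@'."""
    local, _, domain = username.partition("@")
    values = {"u": username, "n": local, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)

# Auth debug line written when a passdb lookup replaces the login name.
CHANGED = re.compile(r"auth: Debug: .*username changed (?P<old>\S+) -> (?P<new>\S+)")

def domain_stripping_rewrites(log_lines, template=MAIL_LOCATION):
    """Return (old, new, old_path, new_path) for every rewrite that drops
    the domain and so changes where the mailbox is created."""
    findings = []
    for line in log_lines:
        m = CHANGED.search(line)
        if not m:
            continue
        old, new = m["old"], m["new"]
        old_path, new_path = expand(template, old), expand(template, new)
        if "@" in old and "@" not in new and old_path != new_path:
            findings.append((old, new, old_path, new_path))
    return findings

# Constructed sample: same shape as the journalctl output in the thread.
SAMPLE_LOG = [
    "Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: "
    "ldap(testuser@example.com,192.0.2.39,<sess1>): result: uid=testuser; uid unused",
    "Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: "
    "ldap(testuser@example.com,192.0.2.39,<sess1>): "
    "username changed testuser@example.com -> testuser",
    "Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: "
    "ldap(testuser,192.0.2.39,<sess1>): result: uid=testuser",
]

if __name__ == "__main__":
    for old, new, old_path, new_path in domain_stripping_rewrites(SAMPLE_LOG):
        print(f"{old} -> {new}")
        print(f"  userdb-only lookup (doveadm -u): {old_path}")
        print(f"  after passdb rewrite (IMAP login): {new_path}")
```

The empty %d leaves a double slash in the second path, which the filesystem treats as a single separator, so the mailbox lands directly under /var/spool/maildir as described in the first post.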