Fw: Dovecot error
Reinhard Marstaller
marstaller at tropenklinik.de
Wed Jan 8 11:33:19 CET 2025
and the LDAP login to the domain under Windows works, even though
the bind apparently does not
------ Original message ------
From "Reinhard Marstaller via Dovecot" <dovecot at listen.jpberlin.de>
To "Alles rund um Dovecot-Server" <dovecot at listen.jpberlin.de>
Cc "Reinhard Marstaller" <marstaller at tropenklinik.de>
Date 08.01.2025 11:23:47
Subject Re[2]: Fw: Dovecot error
>Hello Klaus,
>
>here is the output:
>[root at s4slave exim]# doveadm auth test braun
>Password:
>passdb: braun auth failed
>extra fields:
> user=braun
> temp
>
>as user braun.tplk.loc, which is actually our local user for email, it returns the same result
>
>however, we have a working new mail server with a similar structure, and on it a working email address still returns auth failed
>
>if it should be down to LDAP, is there also an LDAP list I can subscribe to and then ask?
>
>Many thanks
>
>Reinhard
>
>
>
>------ Original message ------
>From "Klaus Tachtler via Dovecot" <dovecot at listen.jpberlin.de>
>To "Alles rund um Dovecot-Server" <dovecot at listen.jpberlin.de>
>Cc "Klaus Tachtler" <klaus at tachtler.net>
>Date 08.01.2025 09:33:04
>Subject Re: Fw: Dovecot error
>
>>Hello Reinhard,
>>
>>Simple Bind Failed: NT_STATUS_ACCOUNT_EXPIRED
>>
>>can the user authenticate against LDAP?
>>(user name and password)
>>
>>perhaps try
>>
>>doveadm auth test <benutzername>
>>
>>as a test.
>>
>>Looks to me more like an LDAP/AD problem?
>>
>>
>>Regards
>>Klaus.
>>
>>--
>>This message was sent from my Android device with FairMail.
>>
>>From: marstaller--- via Dovecot <dovecot at listen.jpberlin.de>
>>To: dovecot at listen.jpberlin.de
>>Cc: marstaller at tropenklinik.de; Joerg Eichhorst <eichhorst at tropenklinik.de>
>>Date: 08.01.2025 09:14:36
>>Subject: Fw: Dovecot error
>>
>>> Hello,
>>> since Friday our exim has been reporting the following error every time it authenticates:
>>>
>>> LOG: MAIN
>>> == /var/mail/maildata/staebler at tplk.loc/ <staebler at tplk.loc> R=dovecot_user T=dovecot_virtual_delivery defer (0): *Child process of dovecot_virtual_delivery transport returned 75* (could mean temporary error) from command: /usr/libexec/dovecot/dovecot-lda
>>> delivering 1tUVun-0003ju-5N (queue run pid 15776)
>>> *transport error EPIPE ignored*
>>>
>>> in the mail log we get:
>>> Jan 8 08:57:31 s4slave dovecot: auth: Error: LDAP: binding failed (dn cn=ldap,cn=users,dc=tplk,dc=loc): Invalid credentials, Simple Bind Failed: NT_STATUS_ACCOUNT_EXPIRED
>>> Jan 8 08:57:35 s4slave dovecot: auth: ldap(fiederer at tplk.loc,192.168.135.34,<kLO1Ni0r9gDAqIci>): Aborting (timeout), we're not connected to LDAP server
>>>
>>> We have not changed anything in the working configuration in the last few weeks; does anyone know what is going wrong?
>>>
>>> many thanks
>>> Reinhard Marstaller
>>>
>>>
>>> [root at s4slave exim]# dovecot -n
>>> # 2.2.10: /etc/dovecot/dovecot.conf
>>> # OS: Linux 2.6.32-358.23.2.el6.x86_64 x86_64 CentOS release 6.4 (Final) ext4
>>> auth_debug_passwords = yes
>>> auth_mechanisms = plain login
>>> auth_verbose = yes
>>> auth_verbose_passwords = plain
>>> debug_log_path = /var/log/dovecot/dovecot.log
>>> disable_plaintext_auth = no
>>> hostname = s4slave.tplk.loc
>>> imap_capability = CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE XLIST
>>> mail_debug = yes
>>> mail_gid = vmail
>>> mail_location = maildir:/var/mail/maildata/%u/mail
>>> mail_plugins = " quota acl mail_log notify zlib"
>>> mail_privileged_group = mail
>>> mail_uid = vmail
>>> managesieve_notify_capability = mailto
>>> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave spamtest spamtestplus imapflags notify
>>> mbox_write_locks = fcntl
>>> namespace {
>>> list = children
>>> location = maildir:/var/mail/maildata/%%u/mail:INDEX=/var/mail/maildata/%u/mail/shared/%%u:CONTROL=%h/shared/%%u
>>> prefix = shared/%%u/
>>> separator = /
>>> subscriptions = yes
>>> type = shared
>>> }
>>> namespace {
>>> location = maildir:/var/mail/maildata/tropenklinik at tplk.loc:INDEXPVT=%h/mail
>>> prefix = Public/
>>> separator = /
>>> subscriptions = yes
>>> type = public
>>> }
>>> namespace inbox {
>>> inbox = yes
>>> location =
>>> mailbox Archive {
>>> auto = no
>>> special_use = \Archive
>>> }
>>> mailbox Archives {
>>> auto = subscribe
>>> special_use = \Archive
>>> }
>>> mailbox Drafts {
>>> auto = subscribe
>>> special_use = \Drafts
>>> }
>>> mailbox Junk {
>>> special_use = \Junk
>>> }
>>> mailbox Sent {
>>> auto = subscribe
>>> special_use = \Sent
>>> }
>>> mailbox "Sent Messages" {
>>> special_use = \Sent
>>> }
>>> mailbox Trash {
>>> auto = subscribe
>>> special_use = \Trash
>>> }
>>> prefix =
>>> separator = /
>>> subscriptions = yes
>>> type = private
>>> }
>>> passdb {
>>> args = /etc/dovecot/dovecot-ldap.conf.ext
>>> driver = ldap
>>> }
>>> plugin {
>>> acl = vfile
>>> acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db
>>> sieve = ~/.dovecot.sieve
>>> sieve_dir = ~/
>>> sieve_extensions = +spamtest +spamtestplus +notify +imapflags +relational +comparator-i;ascii-numeric
>>> sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
>>> sieve_plugins = sieve_extprograms
>>> sieve_vacation_use_original_recipient = yes
>>> zlib_save = gz
>>> zlib_save_level = 6
>>> }
>>> postmaster_address = administrator at tplk.loc
>>> protocols = imap pop3 lmtp sieve
>>> service auth {
>>> unix_listener auth-client {
>>> mode = 0660
>>> user = exim
>>> }
>>> unix_listener auth-userdb {
>>> group = vmail
>>> user = vmail
>>> }
>>> }
>>> service imap-login {
>>> inet_listener imaps {
>>> port = xxx
>>> ssl = yes
>>> }
>>> }
>>> service managesieve-login {
>>> inet_listener sieve {
>>> port = xxxx
>>> }
>>> service_count = 1
>>> vsz_limit = 64 M
>>> }
>>> service pop3-login {
>>> inet_listener pop3 {
>>> port = xxx
>>> }
>>> inet_listener pop3s {
>>> port = xxx
>>> ssl = yes
>>> }
>>> }
>>> ssl_cert = </etc/pki/dovecot/certs/s4slave.tplk.loc.crt
>>> ssl_cipher_list = XXXX
>>> ssl_dh_parameters_length = 2048
>>> ssl_key = </etc/pki/dovecot/private/s4slave.tplk.loc.key
>>> ssl_prefer_server_ciphers = yes
>>> ssl_protocols = !SSLv2 !SSLv3
>>> userdb {
>>> args = /etc/dovecot/dovecot-ldap.conf.ext
>>> driver = ldap
>>> override_fields = uid=vmail gid=vmail home=/var/mail/maildata/%u/
>>> }
>>> protocol lmtp {
>>> mail_plugins = " quota acl mail_log notify zlib sieve"
>>> }
>>> protocol lda {
>>> mail_plugins = " quota acl mail_log notify zlib sieve"
>>> }
>>> protocol imap {
>>> mail_plugins = " quota acl mail_log notify zlib imap_quota imap_acl imap_zlib"
>>> }
>>> [root at s4slave exim]#
>>>
>>> *Reinhard Marstaller*
>>> *IT*
>>>
>>> Tropenklinik Paul-Lechler-Krankenhaus gGmbH
>>> Paul-Lechler-Str. 24
>>> 72076 Tübingen
>>>
>>> Tel.: 07071/ 206-458, Fax: 07071/ 206-451
>>> eMail: _marstaller at tropenklinik.de_
>>>
>>> www.tropenklinik.de [http://www.tropenklinik.de/]
>>>
>>
>>--
>>
>>---------------------------------------
>>e-Mail : klaus at tachtler.net
>>Homepage: https://www.tachtler.net
>>DokuWiki: https://dokuwiki.tachtler.net
>>---------------------------------------
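
Added example (not part of the thread, and not code from Dovecot or from either poster): a small Python triage of the two maillog lines quoted above, separating a rejected bind DN from user lookups that were aborted because no LDAP connection existed. The function name `triage` and the result field names are assumptions made for this illustration.

```python
import re

# The two maillog lines quoted in the thread, copied as the list archive shows
# them (the archive rewrites "@" as " at ").
SAMPLE_LOG = """\
Jan 8 08:57:31 s4slave dovecot: auth: Error: LDAP: binding failed (dn cn=ldap,cn=users,dc=tplk,dc=loc): Invalid credentials, Simple Bind Failed: NT_STATUS_ACCOUNT_EXPIRED
Jan 8 08:57:35 s4slave dovecot: auth: ldap(fiederer at tplk.loc,192.168.135.34,<kLO1Ni0r9gDAqIci>): Aborting (timeout), we're not connected to LDAP server
"""

# Failure of the DN that Dovecot itself binds with (the service account).
BIND_FAIL = re.compile(r"LDAP: binding failed \(dn (?P<dn>[^)]*)\): (?P<reason>.*)$")
# A user request dropped because the auth process has no LDAP connection.
NOT_CONNECTED = re.compile(
    r"auth: ldap\((?P<user>[^,]+),(?P<ip>[^,)]+).*not connected to LDAP server")
NT_STATUS = re.compile(r"NT_STATUS_[A-Z_]+")


def triage(log_text):
    """Split the log into service-bind failures and aborted user requests."""
    result = {"service_bind_failures": [], "aborted_users": []}
    for line in log_text.splitlines():
        m = BIND_FAIL.search(line)
        if m:
            status = NT_STATUS.search(m.group("reason"))
            result["service_bind_failures"].append({
                "dn": m.group("dn"),
                "nt_status": status.group(0) if status else None,
            })
            continue
        m = NOT_CONNECTED.search(line)
        if m:
            result["aborted_users"].append(m.group("user"))
    # A rejected bind DN means the problem sits with the service account,
    # not with the credentials of the users whose requests were aborted.
    result["root_cause"] = ("service account"
                            if result["service_bind_failures"]
                            else "per-user or unknown")
    return result


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```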