Re: dovecot security
On Wed, 20 Oct 2010 17:49:16 -0400, Rob Owens wrote:
> On Wed, Oct 20, 2010 at 01:05:08PM +0000, Camaleón wrote:
>> Check Dovecot's log files. What error are you getting? :-?
> dovecot: imap-login: Aborted login (0 authentication attempts):
> And then it shows the IP address of my server and my client.
> Icedove's error message is:
> You cannot log in to you.server.net because the server has disabled
> login. You may need to connect via SSL or TLS. Please check the
> account settings for your mail server.
That message seems to indicate:
1/ You have disabled plaintext imap login at server (dovecot)
2/ Your e-mail client imap ssl settings are not configured
> One detail I've left out, and the "cannot log in" error makes me wonder
> about it: My user is an LDAP account user, and I did not configure
> /etc/dovecot/dovecot-ldap.conf. My reason for not configuring it was
> that dovecot seemed to work without it (but I initially used SSL, then
Then you have to "teach" Dovecot how to work/deal with your LDAP users.
> ...Well, there goes that theory. I just created a local (non-ldap) user
> on the mail server and I get the same error when trying to connect
> without SSL or TLS.
Dovecot (as any e-mail server) needs to know what kind of users (local,
virtual) are you working with (it can use pam, mysql, sasldb2, ldap,
plain database backend to store user account ID and password...).