We have a standard Postfix/Dovecot installation working perfectly with real users but cannot work out how to add virtual users, all virtual user login attempts fail with authentication errors.
Following are snippets from the configuration files:
/etc/postfix/main.cf:
virtual_mailbox_domains = virtualexample.com
virtual_mailbox_base = /var/spool/vhosts
virtual_mailbox_recipients = hash:/etc/postfix/virtual_mailbox_recipients
/etc/dovecot/dovecot.conf:
!include conf.d/*.conf
/etc/dovecot/conf.d/10-auth.conf
auth_mechanisms = cram-md5 digest-md5 plain
passdb {
driver = passwd-file
# Path for passwd-file. Also set the default password scheme.
args = scheme=cram-md5 /etc/cram-md5.pwd
}
/etc/cram-md5.pwd
[email protected]{MD5}$1$uIMvzy92$9Xt67B/qw4u6txkkxzne80
This is a snippet from the log when a login attempt is made:
auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so
auth: Debug: passwd-file /etc/cram-md5.pwd: Read 1 users
auth: Debug: auth
client connected (pid=21990)
auth: Debug:
client in: AUTH#0111#011CRAM-MD5#011service=imap#011lip=1.1.1.1#011rip=2.2.2.2#011lport=143#011rport=51774
auth: Debug:
client out: CONT#0111#011PDI1Njc0NjQ1NzQ3MTY0NTkuMTM0MTIxNzkwN0BncDM+
auth: Debug:
client in: CONT
auth: Debug: passwd-file(
[email protected],2.2.2.2): lookup:
[email protected] file=/etc/cram-md5.pwd
auth: Debug:
client out: OK#0111#
[email protected]
auth: Debug: master in: REQUEST#0111630404609#01121990#0111#011b66b5f46b520a08e1d19d3d249be7073
auth: Debug: passwd(
[email protected],2.2.2.2): lookup
auth: passwd(
[email protected],2.2.2.2): unknown user
auth: Error: userdb(
[email protected],2.2.2.2): user not found from userdb passwd
auth: Debug: master out: NOTFOUND#0111630404609
imap: Error: Authenticated user not found from userdb, auth lookup id=1630404609 (client-pid=21990 client-id=1)
imap-login: Internal login failure (pid=21990 id=1) (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=2.2.2.2, lip=1.1.1.1, mpid=21993
auth: Debug: auth
client connected (pid=22010)
auth: Debug:
client in: AUTH#0111#011CRAM-MD5#011service=imap#011lip=1.1.1.1#011rip=2.2.2.2#011lport=143#011rport=51775
auth: Debug:
client out: CONT#0111#011PDcxMDkwNDY1NTQzODUzMDkuMTM0MTIxNzkyOEBncDM+
auth: Debug:
client in: CONT
auth: Debug: passwd-file(
[email protected],2.2.2.2): lookup:
[email protected] file=/etc/cram-md5.pwd
auth: Debug:
client out: OK#0111#
[email protected]
auth: Debug: master in: REQUEST#011343539713#01122010#0111#011e47b1345784e2845d59e794afa9a6bbe
auth: Debug: passwd(
[email protected],2.2.2.2): lookup
auth: passwd(
[email protected],2.2.2.2): unknown user
auth: Error: userdb(
[email protected],2.2.2.2): user not found from userdb passwd
auth: Debug: master out: NOTFOUND#011343539713
imap: Error: Authenticated user not found from userdb, auth lookup id=343539713 (client-pid=22010 client-id=1)
imap-login: Internal login failure (pid=22010 id=1) (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=2.2.2.2, lip=1.1.1.1, mpid=22011
It would appear that the user lookup is not working, even tho' the log suggests that Dovecot is using the /etc/cram-md5.pwd file and the user is configured in that same file.
There are of course dozens of examples of using virtual users with Dovecot, but all the ones we have found either refer to Dovecot 1.x (we are using 2.x), using only virtual users (we must use real AND virtual users) or want to use a MySQL db, we need to use a text file.
Some hints about where we are going wrong would be very much appreciated.