Unable to use encrypted password for imap and pop3

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Unable to use encrypted password for imap and pop3

danjjde
Hi friends,
Following the Workaround tutorial for Jessie
(https://workaround.org/ispmail/jessie ) I've set up six month ago my
first Postfix email server and all works very fine, except for the
ability from the user to encrypt login password.
I can use the encrypted password with smtp, but not with pop3 and imap.
The certificates are from Letsencrypt.

Could you suggest me where I should look into?

Many many thanks!


davide





Here are 'postconf -nf' and 'postconf -Mf':


------------------------------------------ postconf -nf
------------------------------------------------


alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
milter_connect_macros = i j {daemon_name} v {if_name} _
mydestination = server.sio4.org, localhost.sio4.org, , localhost
myhostname = server.sio4.org
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = reject_unknown_reverse_client_hostname
smtpd_milters = unix:/spamass/spamass.sock
smtpd_recipient_restrictions = reject_non_fqdn_sender,
     reject_unauth_destination, reject_unknown_reverse_client_hostname,
     reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
     reject_unknown_sender_domain, reject_non_fqdn_recipient
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
     defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps =
     
mysql:/etc/postfix/mysql-email2email.cf,mysql:/etc/postfix/mysql-virtual-alias-maps.cf
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/letsencrypt/live/server.sio4.org/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/server.sio4.org/privkey.pem
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps =
     
mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp



------------------------------------------ postconf -Mf
------------------------------------------------


smtp       inet  n       -       -       -       -       smtpd
submission inet  n       -       -       -       -       smtpd
     -o syslog_name=postfix/submission
     -o smtpd_tls_security_level=encrypt
     -o smtpd_sasl_auth_enable=yes
     -o smtpd_sasl_type=dovecot
     -o smtpd_sasl_path=private/auth
     -o smtpd_sasl_security_options=noanonymous
     -o
smtpd_sender_login_maps=mysql:/etc/postfix/mysql-email2email.cf,mysql:/etc/postfix/mysql-virtual-alias-maps.cf
     -o smtpd_sender_restrictions=reject_sender_login_mismatch
     -o smtpd_sasl_local_domain=$myhostname
     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
     -o
smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
pickup     unix  n       -       -       60      1       pickup
cleanup    unix  n       -       -       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       -       1000?   1       tlsmgr
rewrite    unix  -       -       -       -       -      
trivial-rewrite
bounce     unix  -       -       -       -       0       bounce
defer      unix  -       -       -       -       0       bounce
trace      unix  -       -       -       -       0       bounce
verify     unix  -       -       -       -       1       verify
flush      unix  n       -       -       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       -       -       -       smtp
relay      unix  -       -       -       -       -       smtp
showq      unix  n       -       -       -       -       showq
error      unix  -       -       -       -       -       error
retry      unix  -       -       -       -       -       error
discard    unix  -       -       -       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       -       -       -       lmtp
anvil      unix  -       -       -       -       1       anvil
scache     unix  -       -       -       -       1       scache
maildrop   unix  -       n       n       -       -       pipe
flags=DRhu
     user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe
flags=Fqhu
     user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F
user=ftn
     argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq.
     user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n       n       -       2       pipe flags=R
     user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop}
     ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FR
     user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop}
     ${user}



Reply | Threaded
Open this post in threaded view
|

Re: Unable to use encrypted password for imap and pop3

Administrator Beckspaced.com
postfix does not provide pop3 & imap!
have a look at the Dovecot (your pop3 & imap service)  SSL configuration
as pointed in the tutorial:

http://wiki2.dovecot.org/SSL/DovecotConfiguration

greetings
Becki


On 11.02.2017 08:25, [hidden email] wrote:

> Hi friends,
> Following the Workaround tutorial for Jessie
> (https://workaround.org/ispmail/jessie ) I've set up six month ago my
> first Postfix email server and all works very fine, except for the
> ability from the user to encrypt login password.
> I can use the encrypted password with smtp, but not with pop3 and imap.
> The certificates are from Letsencrypt.
>
> Could you suggest me where I should look into?
>
> Many many thanks!
>
>
> davide
>
>
>
>
>
> Here are 'postconf -nf' and 'postconf -Mf':
>
>
> ------------------------------------------ postconf -nf
> ------------------------------------------------
>
>
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> config_directory = /etc/postfix
> inet_interfaces = all
> inet_protocols = ipv4
> mailbox_size_limit = 0
> milter_connect_macros = i j {daemon_name} v {if_name} _
> mydestination = server.sio4.org, localhost.sio4.org, , localhost
> myhostname = server.sio4.org
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
> myorigin = /etc/mailname
> readme_directory = no
> recipient_delimiter = +
> relayhost =
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> smtpd_client_restrictions = reject_unknown_reverse_client_hostname
> smtpd_milters = unix:/spamass/spamass.sock
> smtpd_recipient_restrictions = reject_non_fqdn_sender,
>     reject_unauth_destination, reject_unknown_reverse_client_hostname,
>     reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
>     reject_unknown_sender_domain, reject_non_fqdn_recipient
> smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
>     defer_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_sender_login_maps =
> mysql:/etc/postfix/mysql-email2email.cf,mysql:/etc/postfix/mysql-virtual-alias-maps.cf
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = /etc/letsencrypt/live/server.sio4.org/fullchain.pem
> smtpd_tls_key_file = /etc/letsencrypt/live/server.sio4.org/privkey.pem
> smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_use_tls = yes
> virtual_alias_maps =
> mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf
> virtual_mailbox_domains =
> mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
> virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
> virtual_transport = lmtp:unix:private/dovecot-lmtp
>
>
>
> ------------------------------------------ postconf -Mf
> ------------------------------------------------
>
>
> smtp       inet  n       -       -       -       -       smtpd
> submission inet  n       -       -       -       -       smtpd
>     -o syslog_name=postfix/submission
>     -o smtpd_tls_security_level=encrypt
>     -o smtpd_sasl_auth_enable=yes
>     -o smtpd_sasl_type=dovecot
>     -o smtpd_sasl_path=private/auth
>     -o smtpd_sasl_security_options=noanonymous
>     -o
> smtpd_sender_login_maps=mysql:/etc/postfix/mysql-email2email.cf,mysql:/etc/postfix/mysql-virtual-alias-maps.cf
>     -o smtpd_sender_restrictions=reject_sender_login_mismatch
>     -o smtpd_sasl_local_domain=$myhostname
>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>     -o
> smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
> pickup     unix  n       -       -       60      1       pickup
> cleanup    unix  n       -       -       -       0       cleanup
> qmgr       unix  n       -       n       300     1       qmgr
> tlsmgr     unix  -       -       -       1000?   1       tlsmgr
> rewrite    unix  -       -       -       -       - trivial-rewrite
> bounce     unix  -       -       -       -       0       bounce
> defer      unix  -       -       -       -       0       bounce
> trace      unix  -       -       -       -       0       bounce
> verify     unix  -       -       -       -       1       verify
> flush      unix  n       -       -       1000?   0       flush
> proxymap   unix  -       -       n       -       -       proxymap
> proxywrite unix  -       -       n       -       1       proxymap
> smtp       unix  -       -       -       -       -       smtp
> relay      unix  -       -       -       -       -       smtp
> showq      unix  n       -       -       -       -       showq
> error      unix  -       -       -       -       -       error
> retry      unix  -       -       -       -       -       error
> discard    unix  -       -       -       -       -       discard
> local      unix  -       n       n       -       -       local
> virtual    unix  -       n       n       -       -       virtual
> lmtp       unix  -       -       -       -       -       lmtp
> anvil      unix  -       -       -       -       1       anvil
> scache     unix  -       -       -       -       1       scache
> maildrop   unix  -       n       n       -       -       pipe flags=DRhu
>     user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp       unix  -       n       n       -       -       pipe flags=Fqhu
>     user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail     unix  -       n       n       -       -       pipe flags=F
> user=ftn
>     argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp      unix  -       n       n       -       -       pipe flags=Fq.
>     user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
> scalemail-backend unix - n       n       -       2       pipe flags=R
>     user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
>     ${user} ${extension}
> mailman    unix  -       n       n       -       -       pipe flags=FR
>     user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
>     ${user}
>
>
>
>
>