27 Nov 2007, 21:51

Dovecot's Deliver zum Schweigen bringen

Share

Seit ich Dovecots deliver als LDA/MDA zusammen mit exim verwende habe ich das Problem gehabt, dass deliver im syslog immer die Passwörter der Mail-Benutzer ausgegeben hat, was natürlich weder erwünscht noch sinnvoll ist. Ich habe lange Zeit keine Lösung gefunden, da meine Konfiguration eigentlich korrekt war, aber heute hat mir Tim Sirrainen, der Autor von Dovecot eine Lösung aufgezeigt.

Example from delivers logfile:

deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: user@host.tld
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: user=user@host.tld
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: password=password
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: home=/home/mail/host.tld/user
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: uid=8
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: auth input: gid=8
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: Loading modules from directory: /usr/lib/dovecot/modules/lda
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: Module loaded: /usr/lib/dovecot/modules/lda/lib90_cmusieve_plugin.so
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: maildir: data=/home/mail/host.tld/user/Maildir
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: maildir: root=/home/mail/host.tld/user/Maildir, index=/home/mail/host.tld/user/Maildir, control=, inbox=
deliver(user@host.tld): "2007-11-26 19:37:40 "Info: cmusieve: Using sieve path: /home/mail/host.tld/user/.dovecot.sieve
deliver(user@host.tld): "2007-11-26 19:37:42 "Info: msgid=<49403.129.98.4.165.1196102178.squirrel@mail.host.com>: saved mail to dovecot

Das Problem war ein Bug in Dovecot/deliver der dafür sorgte, dass die Zeile

mail_debug = no

nicht richtig ausgewertet wurde. Die Lösung war die betreffende Zeile auszukommentieren.

Hier noch meine Konfiguration vor der Korrektur.

Dovecot.conf w/o comments:

base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/cert.crt
ssl_key_file = /etc/ssl/certs/key.pem
ssl_parameters_regenerate = 168
ssl_cipher_list = ALL:!LOW
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_process_size = 32
login_process_per_connection = yes
login_processes_count = 3
login_max_processes_count = 128
login_max_connections = 256
login_greeting = Mailserver (powered by Dovecot) ready.
mail_location = maildir:/mail/%d/%n/Maildir
namespace private {
separator =
prefix =
location =
inbox = yes
}
mail_extra_groups = mail
mail_debug = no
first_valid_uid = 8
last_valid_uid = 8
max_mail_processes = 1024
mail_process_size = 256
mail_max_keyword_length = 50
umask = 0077
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
mbox_dotlock_change_timeout = 120
protocol imap {
imap_max_line_length = 65536
login_greeting_capability = yes
}

protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
postmaster_address = postmaster@host.tld
mail_plugin_dir = /usr/lib/dovecot/modules/lda
sendmail_path = /usr/lib/sendmail
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = cmusieve
}
auth_process_size = 256
auth_cache_size = 256
auth_cache_ttl = 3600
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
auth default {
mechanisms = plain
passdb pam {
}
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb passwd {
}
userdb prefetch {
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
user = root
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
}
client {
path = /var/run/dovecot/auth-client
mode = 0600
user = mail
group = mail
}
}
}
dict {
}
plugin {
}