email_server: dovecot: Authenticate using PAM instead of LDAP

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-06-03 10:50:20 +00:00 · 2021-10-22 17:57:57 -07:00 · 2021-10-22 17:57:57 -07:00 · afc958a884
commit afc958a884
parent cb8c23c28d
3 changed files with 5 additions and 45 deletions
--- a/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf
+++ b/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf
@ -1,22 +1,10 @@
 # Direct edits to this file will be lost!
 # Manage your settings on Plinth <https://localhost/plinth/apps/email_server>

+# Outlook and Windows Mail works only with LOGIN mechanism, not the standard
+# PLAIN:
 auth_mechanisms = plain login

-passdb {
-  driver = ldap
-  args = /etc/dovecot/freedombox-ldap-passdb.conf.ext
-  # Block the default passdb lookup (pam, 10-auth.conf)
-  result_failure = return-fail
-  result_internalfail = return-fail
-  result_success = return-ok
-}
-
-userdb {
-  driver = ldap
-  args = /etc/dovecot/freedombox-ldap-userdb.conf.ext
-  # Block the default userdb lookup (passwd, 10-auth.conf)
-  result_failure = return-fail
-  result_internalfail = return-fail
-  result_success = return-ok
-}
+# Allow authentication from attempts that provide username as
+# user@domain.example.
+auth_username_format = %Ln
--- a/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext
+++ b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext
@ -1,8 +0,0 @@
-# Direct edits to this file will be lost!
-# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
-
-uris = ldap://127.0.0.1
-base = dc=thisbox
-
-auth_bind = yes
-auth_bind_userdn = uid=%u,ou=users,dc=thisbox
--- a/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext
+++ b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext
@ -1,20 +0,0 @@
-# Direct edits to this file will be lost!
-# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
-
-uris = ldap://127.0.0.1
-base = dc=thisbox
-
-user_attrs = \
-  =home=%{ldap:homeDirectory}, \
-  =uid=%{ldap:uidNumber}, \
-  =gid=%{ldap:gidNumber}, \
-  =mail=maildir:~/Maildir:LAYOUT=index
-
-# Support user lookup by username
-
-user_filter = (&(objectClass=posixAccount)(uid=%Ln)(!(uidNumber=0)))
-
-# For doveadm
-
-iterate_attrs = =user=%{ldap:uid}
-iterate_filter = (objectClass=posixAccount)