From iRedMail

Revision as of 14:07, 22 February 2013

Summary

This tutorial describes how to enable Dovecot Master User in Dovecot-1.2 or Dovecot-2.x. Please visit Dovecot wiki page for more details about Master User:

• Dovecot-2: http://wiki2.dovecot.org/Authentication/MasterUsers
• Dovecot-1: http://wiki1.dovecot.org/Authentication/MasterUsers

Steps for Dovecot-2

• Please append below lines in your Dovecot config file: dovecot.conf. it should be /etc/dovecot/dovecot.conf or /usr/local/etc/dovecot/dovecot.conf (FreeBSD).

# Master user.
# Master users are able to log in as other users. It's also possible to
# directly log in as any user using a master password, although this isn't
# recommended.
# Reference: http://wiki2.dovecot.org/Authentication/MasterUsers
auth_master_user_separator = *
passdb {
    driver = passwd-file
    args = /etc/dovecot/dovecot-master-user-password
    master = yes
}

• Create password file and add a master user master_user with password master_password.

# touch /etc/dovecot/dovecot-master-user-password
# chown dovecot:dovecot /etc/dovecot/dovecot-master-user-password
# chmod 0500 /etc/dovecot/dovecot-master-user-password

# htpasswd -b /etc/dovecot/dovecot-master-user-password master_user master_password

WARNING:

• If you have auth_default_realm = domain.com in dovecot.conf, the master user name will be rewritten to master_user@domain.com if it's not a valid email address, and authentication will fail. Please either use a full email address as master user, or disable auth_default_realm setting.
• User name master_user and password master_password is just an example, please always choose a different name and password. Using random strings is a good choice. You can get random string with below command (replace '15' by a larger integer if you want longer string):

$ eval </dev/urandom tr -dc A-Za-z0-9 | (head -c $1 &>/dev/null || head -c 15)
86S09THpo2jFJAb

• It's now ok to restart Dovecot service to enable Master User.

Steps for Dovecot-1

• Please append below line in your Dovecot config file: dovecot.conf. it should be /etc/dovecot.conf or /usr/local/etc/dovecot.conf (FreeBSD).

auth_master_user_separator = *

• Now append below lines in section auth default {}:

auth default {

    # Add below lines
    passdb passwd-file {
        args = /etc/dovecot-master-user-password
        master = yes
    }

    [...omit others...]

• Create password file and add a master user master_user with password master_password.

# touch /etc/dovecot-master-user-password
# chown vmail:vmail /etc/dovecot-master-user-password
# chmod 0500 /etc/dovecot-master-user-password

# htpasswd -b /etc/dovecot-master-user-password master_user master_password

WARNING:

• If you have auth_default_realm = domain.com in dovecot.conf, the master user name will be rewritten to master_user@domain.com if it's not a valid email address, and authentication will fail. Please either use a full email address as master user, or disable auth_default_realm setting.
• User name master_user and password master_password is just an example, please always choose a different name and password. Using random strings is a good choice. You can get random string with below command (replace '15' by a larger integer if you want longer string):

$ eval </dev/urandom tr -dc A-Za-z0-9 | (head -c $1 &>/dev/null || head -c 15)
86S09THpo2jFJAb

• It's now ok to restart Dovecot service to enable Master User.

Test Master User

You can now login to webmail by specifying both the master username and the login username in the same username field. For example, login to user "my_user@domain.com" with username my_user@domain.com*master_user and password master_password.

If it doesn't work for you, please enable debug mode in Dovecot and paste related log in our support forum: http://www.iredmail.org/forum/

mail_debug = yes
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes