Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Can't login to Webmail using dovecot master password

Discussion in 'E-mail Discussion' started by Andriy, Jan 13, 2018.

  1. Andriy

    Andriy Registered

    Joined:
    Jan 9, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    kyiv
    cPanel Access Level:
    Root Administrator
    Hello. I have a question. Now I want to enable login to any customer's mailbox without user's password using dovecot master password without using cPanel session IDs.

    I've configured dovecot and tested this config on server without cPanel. All working good: I can login to any mailbox using master password - - Removed-

    I tried to configure dovecot on server with cPanel. Dovecot configured successfully and I can log in with dovecot master password via telnet:
    Code:
    [root@webcloud1 dovecot]# telnet localhost 143
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
    1 login test@domain.mk.ua/master@domain.mk.ua unencrypted password
    1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NAMESPACE NOTIFY COMPRESS=DEFLATE QUOTA] Logged in
    Doveadm auth also working correctly:

    Code:
    [root@webcloud1 dovecot]# doveadm auth test test@domain.mk.ua/master@domain.mk.ua
    Password:
    passdb: test@domain.mk.ua/master@domain.mk.ua auth succeeded
    extra fields:
     user=test@domain.mk.ua
     original_user=master@domain.mk.ua
     auth_user=master@domain.mk.ua
    But when I trying to login with master password via cPanel's webmail, I can't. I get the error: The login is invalid. See attached image.

    I've checked /usr/local/cpanel/logs/login_log and found next records:
    Code:
    [2018-01-14 10:26:33 +0800] info [webmaild] 192.168.60.124 - test@domain.mk.ua-m "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN webmaild: user password hash is missing from system (user probably does not exist)
    In maillog nothing. So, I have some questions, one answer on it can resolve my issue:
    1. How to connect to user's mailbox directly via dovecot without cPanel's user check?
    2. How enable in cPanel dovecot master password authentication without using cpanel sessions (WHM API 1 Functions - create_user_session - Software Development Kit - cPanel Documentation) ?
    3. How to disable user check?
    So, what must I do? Who have any ideas?
     
    #1 Andriy, Jan 13, 2018
    Last edited by a moderator: Jan 13, 2018
  2. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Hi @Andriy,

    I'm afraid this isn't something you would be able to change, as this webmail is served by cpsrvd, which is compiled in; the changes would need to be made in cPanel's core code. I'd recommend submitting a feature request.

    Thanks,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. haneef95

    haneef95 Registered

    Joined:
    Mar 12, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Website Owner
    Brilliant! @Andriy, may I know how you enabled master password please?

    Basically, we're on a shared hosting and would like to move our emails over to Office 365/Exchange Online. We don't want to change user's passwords, so, I'm hoping to use the Dovecot's Master User/Password feature (or any other suitable solution for that mater) to connect to IMAP for all emails (within a cPanel user), using the same password.

    Since, this is a shared hosting, the only access I have are:
    1. the cPanel login (not WHM) at server8.hosting.com:2083, using 'my_hosting_username' and 'my_hosting_password'
    2. the user directory at '/home/my_hosting_username/'
    3. all the emails are stored in '/home/my_hosting_username/mail', so, I'm able to access those folders as well.
    4. When I telnet IMAP (server8.hosting.com:143) and login using 'my_hosting_username' and 'my_hosting_password'. I'm able to list all the email folders within that cPanel account. So, that includes any_user@mydomain.com
    So, in my scenario, how can I create a master user that is able to IMAP to any user that are in mydomain.com or within my cPanel user?

    P.S: I found another solution (App-specific password), but, like the Master User solution that requires me to edit configuration files that aren't available for me to access.

    So, that leads me onto another idea. Can cPanel users have their own dovecot configuration files?

    Thanks,
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @haneef95

    It's not possible to modify the Dovecot configuration without root access to the system.

    One potential workaround would be to take the following steps:

    1. Make a backup of the shadow file associated with the domain name located at /home/username/etc/domain.tld/shadow. EX:

    Code:
    cp -a /home/username/etc/domain.tld/shadow /home/username/etc/domain.tld/shadow-backup
    2. Change the passwords for all email accounts that you need access to via the "Email Accounts" option in cPanel.

    3. Perform whichever actions you need to perform in order to transfer the email data to another application.

    4. Once the data is moved over, move the previous shadow file back into place and removed the cached password data. EX:

    Code:
    mv /home/username/etc/domain.tld/shadow /home/username/etc/domain.tld/shadow-no-longer-needed
    mv /home/username/etc/domain.tld/shadow-backup /home/username/etc/domain.tld/shadow
    rm /home/username/etc/domain.tld/@pwcache/*
    
    This way, you have temporary access to authenticate to the email accounts for mail transfer purposes, and the original email passwords are restored after you've completed the transfer.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice