Rainloop : cannot login

,

Hello. I installed Rainloop, the webmail, but I cannot login.
The package is : https://github.com/polytan02/rainloop_ynh
I checked my Yunohost domain in the Rainloop admin panel: it is tested ok.
I tried with the user “mainYNHuser@domain.tld” and “mainYNHuser” (examples): impossible to connect.
I get “Authentication failed” or in French "L’authentification a échoué"
I tried with SSL IMAP=993 and SNMP=465
And without SSL IMAP=143 and SNMP=25
Help!
Notes:

  • Roundcube is working fine - but I want to test PGP with Rainloop
  • Rainloop is working fine with a gmx account… but impossible with my own ynh account (issue between Rainloop and Dovecot?)

I have problems with this package too, trying to connect with the following username : username@domain.tld

I get the following error : server unreachable while installing standard rainloop on a remote server i can access to my yunohost server emails.

Was my fault, didnt update the server domain setup. Works fine for me, connecting with username@domain.tld and not email address.

if you want to use the full email address to log in, activate custom login mapping and be sure to use the following :
emailaddress:username

then you can loggin using the full email address

Hello,
I feel less alone and less ashamed thanks to you, @Novakin :smile:
Works better when the subdomains imap and smtp are set in the dns zone of my registrar…
I like the clean web interface and the option to use OpenPGP.
The only (minor) trouble is that this integration is not (yet) integrated in SSO: the app needs to sign again.
Thanks polytan02 for the integration. What’s your name on the forum?
@xof

I guess (maybe i’m totally wrong) that SSO will be hard to configure on rainloop.

Let’s take an exemple it will be easier for me to make myself clear :

Username : user1
email : user1.blabla@exemple.com
domain : exemple.com

Login for smtp/imap/pop etc. is user1@exemple.com
Login for yunohost panel is user1

If you log into rainloop with user1@exemple.com you will only be able to send email with user1@exemple.com and not with user1.blabla@exemple.com

In order to be able to send email as user1.blabla@exemple.com you need to install the custom login mapping plugin into rainloop.

I hope you understand my point but it looks like to be very complicated to use SSO for that, as email is usually different form the username

Hi, I think it might be feasible to implement auto-login.
The package developed for OwnCloud does that: https://apps.owncloud.com/content/show.php/RainLoop+Webmail?content=165254

However, the code looks rather complex…
And as you say @Novakin, you’ll need to be able to retrieve the appropriate email, and auto-setup the domains (which can be done by "sed"ing the ini file after installation perhaps?)

That what I was looking for yesterday!!!

A question is it possible to add autentification on yunohost with email/pwd that link to username/pwd account?
That way it may be simple to make Rainloop working.

Ps: when I say “possible” I thing is it possible to add this feature…

I try answer my self…
in dovecot config file there is a line:
dovecot-ldap.conf:pass_filter = (&(objectClass=inetOrgPerson)(uid=%n))

If I read it correctly it mean seach for user_name in LDAP that match username part of username@domaine.com

I d’ont test now but replace with:
dovecot-ldap.conf:pass_filter = (&(objectClass=inetOrgPerson)(mail=%u))
while search mail of user that match username@domaine.com

that way you can have diferent username and mail…
did anyone can confirme/advise.

Ok after many config can make it working with;
user_filter = (&(objectClass=mailAccount)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailAccount)(mail=%u))

but with that mail are store in /var/mail/user1.blabla, an not /var/mail/user1

Possiblie if you have more than 1 mail on the account, you will have as many mailbox, actual config is more like alias…

But to be usable on multi-domaine I nead to find if I can had domain un path…

next:
OK change in dovecot.config:

mail_home = /var/mail/%u
mail_location = maildir:/var/mail/%u

=> mail are in /var/mail/user1.blabla@domaine.name

Yes…

Hi, it’s getting complex if you just want to retrieve the user primary email…
See what @tostaki did for his Seafile package:

$(sudo yunohost user info $user | grep mail: | sed "s/mail: //g")

$user is your retrieved user

If you change the way YunoHost manages its user id, it might break other things.

And this is how SSO is supposed to work in Rainloop: https://github.com/RainLoop/rainloop-webmail/wiki/SSO-example

Also referenced here: https://github.com/polytan02/rainloop_ynh/issues/6

I’ll give it a go this week

Just to let you know, the SSO and autoconfig of domains for Rainloop is almost ready.
Perhaps in a couple of days :smile:

Yes!!!
realy nice…

@djip can you test my repository please? https://github.com/scith/rainloop_ynh
If everything works fine I can send a pull request to polytan

Thanks

Bon je viens de me rendre compte que j’avais un compte github… et que j’aurais pu me connecté avec…
Cool il as compris qui j’etais avec mon mail :wink:

Cool ! Le SSO fonctionne aussi ? Il te connecte direct ?
Merci

Non pas eu le temps… j’ai fait ma 1ere instal il y a 2 jours… et j’utilise plutot fedora que Debian…
pour tester il faut quye je vois si je me fait des vm… ou si j’essai avec scaleway il semble que certain l’ai deja utilisé
Firewall iptables sur serveur scaleway

Bon je me suis créé un compte sur scaleway mais je n’ai pas eu le temps d’aller plus loin… p’etre une bonne idée.

Salut,
je déterre un peu le topic, parce que je viens de fork le dépot de @scith et chez moi le SSO ne connecte pas l’user directement, j’ai une boucle infinie sur l’index et je ne comprend pas ce qui est censé se passer après la redirection avec la query string ?sso-hash=tartampion car je ne vois rien dans le plugin intégré à l’appli, à moins que ce soit implémenté dans Rainloop directement ?
La doc de Rainloop tenant sur un timbre, ce serait sympa de m’éclairer brièvement sur ce qui est censé se passer.
Merci

Salut, c’est bizarre la boucle infinie on pensait avoir réglé ça avec un hack temporaire
Tu est sur index.php ou /app/index.php ?
essaye voir tonchemin/app/ ?
Pourrais-tu préciser quel chemin tu as choisi et si l’app est publique ou non stp ?

En fait notre “workaround” a été de mettre rainloop dans un sous-dossier “app” et d’utiliser comme index cette page : https://github.com/scith/rainloop_ynh/blob/master/sources/sso/sso.php

Cette page récupère les identifiants YunoHost et les passe à Rainloop pour autologger

et du coup, il sert à quoi le plugin ? Visiblement il va taper dans le LDAP, mais je ne comprend pas pourquoi, étant donné que rainloop peut s’authentifier vis à vis du serveur imap nativement…?

Bon je me répond tout seul.

  • mon problème de boucle c’est parce que j’ai touché la conf d’nginx sur un autre projet qui a tout cassé.

  • Le plugin en tant que tel ne sert à rien, il ne fait que logguer les connexions réussis/échouées dans un but de monitoring / sécu (fail2ban) je suppose.

Par contre, @scith, tu utilises le domaine fourni par l’utilisateur comme hôte pour la connexion au domaine en question, cependant, IMHO, il vaudrait mieux utiliser localhost, dans mon cas (image docker de base), le domaine n’était pas résolu et le test de connexion échouait.
Aussi, j’ai modifié le script d’install, pour qu’il installe php5-cli si nécessaire, car il n’était pas installé sur l’image docker.

Je t’ai envoyé une PR sur github.