You are here: start / networking / dovecot / create_master_user

Table of Contents

About

Dovecot allows creating a master user that will be able to log-in as any other user which is particularly useful when administering a large number of accounts and you have to check that emails are properly sent and received. This short tutorial will explain how a master user can be added to dovecot and how to test logging-in. The Linux distribution used for this tutorial is Debian but the information may apply to other distributions.

Creating Master Password File

To create a master file, assuming that the dovecot configuration files are placed in /etc/dovecot/, issue the command: 

htpasswd -b -c -s /etc/dovecot/master-users MASTER_USER MASTER_PASSWORD

where:

  • MASTER_USER is the master user to be used to log-in as other users,
  • MASTER_PASSWORD is the master user's password

Configuring Dovecot

To configure dovecot and enable the master user, edit /etc/dovecot/conf.d/10-auth.conf and set the master separator field: 

auth_master_user_separator = *

this symbol (*) will be used to separate the real user from the master user when logging-in. In the same file, make sure that the master configuration file is not commented (remove the hash sign # before the exclamation mark !: 

!include auth-master.conf.ext

Next, edit /etc/dovecot/conf.d/auth-master.conf.ext and amend the file such that it contains the lines: 

passdb {
  driver = passwd-file
  master = yes
  args = /etc/dovecot/master-users
  pass = yes
}
passdb {
  driver = shadow
}
userdb {
  driver = passwd
}

The final step is to restart dovecot and then check that logging-in works.

Testing

Checking that the master user works can be performed via SSL or in plain mode. In order to log-in as a different user by using the master user, the username and password to be used will be:

Username Password
OTHER_USER*MASTER_USER MASTER_PASSWORD

For example, if the user you want to log-in as is called john and your master user is called barbara and the master password is siglint, then the username you have to supply will be john*barbara and the password will be siglint.

Plain

To log-in using the plain method, issue: 

telnet localhost 143

assuming that dovecot is listening on localhost.

And then enter: 

tag login john*barbara siglint

where:

  • john is the user to impersonate
  • barbara is the master username
  • siglint is the master password

Using SSL

Using SSL, issue: 

openssl s_client -crlf -connect localhost:993

assuming that dovecot is listening on localhost and port 993, and then issue: 

tag login john*barbara siglint

where:

  • john is the user to impersonate
  • barbara is the master username
  • siglint is the master password
networking/dovecot/create_master_user.txt ยท Last modified: by 127.0.0.1
You are here: start / networking / dovecot / create_master_user

Wizardry and Steamworks

© 2025 Wizardry and Steamworks

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.