[Dovecot] Auth error in log

Per-Henrik Lundblom ph at whatever.nu
Wed Aug 21 09:52:52 EEST 2013


Hi,

I have a setup with Dovecot handling a few virtual domains delivering
mails to both local Unix account mailboxes and seperate mailboxes for
virtual users defined in a MySQL database. A quick overview of the
configuration shows two passdb definitions:

auth default {
  mechanisms = plain login

  passdb pam {
    args = dovecot
  }

  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }

  userdb passwd {
    args = mail=maildir:~/Maildir blocking=yes
  }

  userdb static {
    args = uid=vmail gid=mail home=/var/spool/vmail/%d/%n allow_all_users=yes
  }

  user = root

  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
      group = mail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
  !include_try /etc/dovecot/auth.d/*.auth
}

When a virtual user defined in the MySQL database tries to log in using
IMAP or SMTP I always get auth failures logged in the system logs.
Entries are like this:

Aug 21 06:25:36 roadrunner dovecot-auth: pam_unix(dovecot:auth):
authentication failure; logname= uid=0 euid=0 tty=dovecot
ruser=luser at mydomain.com rhost=85.224.xx.xx

I assume these failures comes form the fact that PAM doesn't recognize
the virtual users and Dovecot continues to the SQL passdb entry. As a
result I get a _lot_ of auth failures in the logs.

I have tried to come up with a way where the auth failures from PAM
arent't logged if the the SQL authenication is successful. Is this
possible or are there any other recommended ways to handle this?

/PH

--
Per-Henrik Lundblom           email: ph at whatever.nu
phone: +46 733 207126         webpage: www.whatever.nu



More information about the dovecot mailing list