[Dovecot] auth failures

Timo Sirainen tss at iki.fi
Thu Dec 19 23:55:11 EET 2013

On 12.12.2013, at 13.05, Andreas Schulze <andreas.schulze at datev.de> wrote:

> last week and today our dovecot pop3 server stopped responding.
> Without any other logentries dovecot start to log only this:
> Dec 12 09:14:12 mbox1 dovecot: auth: Error: ldap(testuser,,<FBZH7lHtAQAK/FCj>): ldap_search(base=ou=accounts,dc=example,dc=de filter=(&(|(uid=testuser)(mail=testuser))(!(state=blocked)))) failed: Operations error
> For every pop3 Session, ~2000 per Minute ..., over 10 Minutes
> I send dovecot a SIGTERM. After dovecot was started again, all was fine again.
> # doveconf -n
> http://postmaster.datev.de/tmp/dovecot.conf
> The LDAP-Server itself did resond to queries in the same timeframe. I know this because the MTA on the same host was able to deliver messages into mailboxes.

Likely the difference is that Dovecot keeps the LDAP connection open for a very long time, while MTA likely recreates new connections often (maybe even every time). I guess the fix would be to simply treat that error as "reconnection required": http://hg.dovecot.org/dovecot-2.2/rev/ea38559ffd4e

More information about the dovecot mailing list