Logfile flooding with lookup failure for root user using pam

Michael Ruiz michael at mruiz.dev
Wed Feb 3 20:08:44 EET 2021

Hi all,

I am getting the error where root is constantly being lookedup over
imap I am guessing. I am pretty sure services like fail2ban and
logwatch are setup to send from another user instead of root @
localhost so I think this may be an imap issue. 
I tried adding root to /etc/dovecot/deny-users , but this error still
persists. I know imap as root is a big security issue and is disabled,
but I cannot pinpoint how or why this is happening so often. I am using
PAM and passwd for authentication and authorization.

How can I prevent root user from being looked up in the first place ?


dovecot[606167]: lmtp(606199): Error: lmtp-server: conn
unix:pid=606196,uid=73 [2]: rcpt root@<domain>: Failed to lookup user
root@<domain>: Invalid settings in userdb: userdb returned 0 as
replaced my domain name with <domain> in this example.

More information about the dovecot mailing list