Auth-Trouble

Hanns Mattes hanns at hannsmattes.de
Sun Oct 31 19:26:37 EET 2021 

Hi,

I've installed Dovecot on a freshly installed machine running Freebsd
13.4.

Configuration was copied from an earlier installation, which worked
perfectly, until I screwed an update.

AFAICS things are working, except replication. I see tons of Errors on
the remote and the local machine

Oct 31 16:15:30 freebsd dovecot[3248]: doveadm(xxx at xx.de): Fatal:
connect(213.239.197.36:54321) failed: Interrupted system call

and some

Oct 31 16:47:33 freebsd dovecot[5509]: auth:
cram-md5(xxx at xx.de,176.199.241.57,<xSyR+afPn9ywx/E5>): Password mismatch

Oct 31 16:47:28 freebsd dovecot[5509]: doveadm(xxx at yy.de): Fatal:
connect(213.239.197.36:54321) failed: Connection refused

and we also get

Oct 31 18:17:17 freebsd dovecot[934]:
imap(xxx at wxxx.de)<1649><lWFvO6nPDeewx/E5>:
Panic: file array.c: line 10 (array_idx_modifiable_i): assertion failed:
(idx < array->buffer->used / array->element_size) Oct 31 18:17:17
freebsd dovecot[934]:
imap(xxx at wxxx.de)<1649><lWFvO6nPDeewx/E5>:
Fatal: master: service(imap): child 1649 killed with signal 6 (core not
dumped - https://dovecot.org/bugreport.html#coredumps - set service imap
{ drop_priv_before_exec=yes })

not to forget

Oct 31 18:18:33 freebsd dovecot[934]: doveadm(xxx at xxx):
Fatal: connect(213.239.197.36:54321) failed: Connection refused


Users are authenticating with ldap.

I'm clueless, and I don't have any clue, if it is a misconfiguration of
dovecot or my freebsd-install.

Any ideas appreciated

Here is the output of doveconf -n
# 2.3.17 (e2aa53df5b): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.17 (054dddfa)
# OS: FreeBSD 13.0-RELEASE-p4 amd64  
# Hostname: freebsd.bruecko.de
auth_mechanisms = plain login digest-md5 cram-md5 apop
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890+.-_@
auth_verbose = yes
doveadm_password = # hidden, use -P to show it
doveadm_port = 54321
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = X-Original-To
lmtp_save_to_detail_mailbox = yes
mail_location = mdbox:~/mdbox
mail_plugins = " quota fts fts_xapian trash zlib notify replication acl"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace {
  hidden = no
  ignore_on_failure = no
  inbox = no
  list = children
  location = mdbox:%%h/mdbox
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = mdbox:/virtualmail/public:INDEXPVT=%h/mdbox/Public
  prefix = Public/
  separator = /
  subscriptions = yes
  type = public
}
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = INBOX/
  separator = /
}
passdb {
  args = /usr/local/etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  acl = vfile
  acl_anyone = allow
  acl_shared_dict = file:/virtualmail/shared-mailboxes.db
  fts = xapian
  fts_autoindex = yes
  fts_autoindex_exclude = \Trash
  fts_enforced = yes
  fts_xapian = partial=3 full=20 verbose=0
  mail_replica = tcps:mail.bruecko.de
  quota = dict:User quota::file:%h/dovecot-quota
  quota_exceeded_message = Storage quota for this account has been exceeded, please try again later.
  quota_grace = 250M
  quota_rule = *:storage=2500M
  quota_rule2 = INBOX/Trash:storage=+10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full / Mailbox ist voll
  quota_status_success = DUNNO
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  quota_warning3 = storage=75%% quota-warning 75 %u
  sieve = ~/dovecot.sieve
  sieve_dir = ~/sieve
  sieve_global_dir = /virtualmail
  sieve_max_actions = 0
  sieve_max_redirects = 128
  sieve_max_script_size = 0
  sieve_quota_max_scripts = 0
  trash = /usr/local/etc/dovecot/dovecot-trash.conf.ext
}
postmaster_address = admin at bruecko.de
protocols = imap pop3 lmtp sieve
replication_dsync_parameters = -d -N -l 30 -U -x Public
service aggregator {
  fifo_listener replication-notify-fifo {
    user = vmail
  }
  unix_listener replication-notify {
    user = vmail
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
  unix_listener auth-userdb {
    group = vmail
    user = vmail
  }
}
service decode2text {
  executable = script /usr/local/libexec/dovecot/decode2text.sh
  unix_listener decode2text {
    mode = 0666
  }
  user = dovecot
}
service doveadm {
  inet_listener {
    port = 54321
    ssl = yes
  }
  vsz_limit = 0
}
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service indexer-worker {
  vsz_limit = 2 G
}
service lmtp {
  inet_listener lmtp {
    address = 127.0.0.1
    port = 24
  }
  user = vmail
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  inet_listener sieve_deprecated {
    port = 2000
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
    port = 12340
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = vmail
  }
  user = vmail
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    mode = 0666
  }
}
ssl_cert = </usr/local/etc/dovecot/fullchain17.pem
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_client_ca_dir = /etc/ssl/certs
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
  driver = prefetch
}
userdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
verbose_proctitle = yes
protocol lmtp {
  mail_plugins = " quota fts fts_xapian trash zlib notify replication acl sieve"
}
protocol lda {
  mail_plugins = " quota fts fts_xapian trash zlib notify replication acl sieve"
}
protocol imap {
  mail_max_userip_connections = 100
  mail_plugins = " quota fts fts_xapian trash zlib notify replication acl imap_quota imap_zlib imap_acl"
}

Regards

Hanns

More information about the dovecot mailing list