Hello,
I've unfortunately been unable to find anything relating to the problem I'm having specifically, in searching the list or google, and so I now plead to you to assistance.
I'm running Dovecot as an LDA and SASL auth for Postfix on a Debian 4 box. Dovecot is version 1.0.rc15 (the official debian pkg version).
The problem I'm running into is this. After some time of running (lately it's been as little as 5 minutes), I start to see the following errors in dovecot.log:
deliver(user@domain.com): "Dec 23 14:38:47 "Error: User request from dovecot-auth timed out deliver(anotheruser@domain.com): "Dec 23 14:38:48 "Error: User request from dovecot-auth timed out
Postfix responds to these by simply deferring the messages. Dovecot itself, however, begins to return 'Authentication failed' messages after significant lag time (sometimes greater than 30s):
Connected to localhost. Escape character is '^]'. +OK Dovecot-POP user username +OK pass mypassword -ERR Authentication failed.
Now, for authentication, Dovecot is using LDAP on the local server. The only additional information I can find pertaining to these errors is the following from slapd.log:
slapd[22593]: connection_input: conn=6 deferring operation: pending operations
These messages correspond 1-to-1 to the above 'deliver' errors, where 'conn' is always the same number. Restarting dovecot and ldap resolves the issue for a few minutes, but sure enough the errors start flowing again.
I'm really at the end of my rope on this, as nothing I do seems to help. I have a good 500+ customers being effected by this as well, and they're all none too pleased by it. If this is something that will absolutely be resolved by upgrading from source, that is doable, but we'd prefer to stick with the official package version if possible.
Dovecot configs follow
Thanks, J. Fox
----- configs follow -----
dovecot.conf
auth_verbose = yes auth_debug = yes auth_debug_passwords = yes mail_debug = no
base_dir = /var/run/dovecot/ protocols = imap imaps pop3 pop3s protocol lda { postmaster_address = postmaster@spiritone.com auth_socket_path = /var/run/dovecot/auth-master log_path = /var/log/dovecot.log info_log_path = /var/log/mail.info } listen = * shutdown_clients = yes mmap_disable = yes lock_method = dotlock maildir_copy_with_hardlinks = no log_path = /var/log/dovecot.log info_log_path = /var/log/mail.log log_timestamp = "%b %d %H:%M:%S " syslog_facility = mail auth_default_realm = involved.com disable_plaintext_auth = no ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem login_chroot = yes valid_chroot_dirs = /home/vmail/ login_user = postfix login_process_per_connection = yes login_processes_count = 2 login_max_processes_count = 64 login_max_connections = 128 login_greeting = Involved login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c login_log_format = %$: %s default_mail_env = maildir:/home/vmail/domains/%d/%u first_valid_uid = 103 pop3_uidl_format = %08Xu%08Xv auth_cache_size = 10485760 auth_cache_ttl = 3600 auth_worker_max_count = 10 #auth_worker_max_request_count = 50 auth default { mechanisms = PLAIN LOGIN passdb ldap { args = /etc/dovecot/dovecot-ldap.conf } userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0666 user = vmail group = vmail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } user = vmail }
dovecot-ldap.conf
hosts = localhost auth_bind = yes auth_bind_userdn = cn=%n,ou=%d,ou=mail,dc=domain,dc=com ldap_version = 3 base = ou=mail,dc=domain,dc=com dn = cn=Manager,dc=domain,dc=com dnpass = secret deref = never scope = subtree pass_attrs = mail=user,userPassword=password user_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u)) pass_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u)) user_global_uid = 1001 user_global_gid = 1001
---end---