Hmm, can this be related to SMTP brute force attack attempts and Postfix, using conf:
smtpd_junk_command_limit = 2 smtpd_error_sleep_time = 15s smtpd_soft_error_limit = 5 smtpd_hard_error_limit = 10 smtpd_client_connection_count_limit = 5 smtpd_client_connection_rate_limit = 30
cuts connection and Dovecot gives error. But since Postfix conf have been same for a long time and these errors came with Dovecot 2.3.3, then seems I just must ignore them, however the error type is a bit spooky (like debug message), so maybe some human readable explanation in logs would be better. :).
Timo Sirainen wrote:
On 26 Nov 2018, at 13.16, Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
Auth process is not constantly being shutdown and/or restarted and Dovecot is used for SMTP authentication (Postfix).
Checked few servers logs, they are running v2.3.3, for example latest (some day none, some day a lot, some day few) logs:
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0 leaked (parent=(nil)): auth-client-connection.c:338 I suppose these are happening because of:
dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s) Which probably happens when Postfix disconnects from Dovecot before the authentication has finished.
I can reproduce these if I set up PAM authentication and then do:
doveadm auth test testuser wrongpass <ctrl-c>
Repeat the above a few times. Each time logs:
Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Then stop Dovecot (or auth process at least):
Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked (parent=(nil)): auth-client-connection.c:338
-- Mart