Op 14-11-2023 om 14:35 schreef Aki Tuomi:
On 14/11/2023 14:59 EET Kees van Vloten <keesvanvloten@gmail.com> wrote:
Hi all,
After upgrading Debian Bullseye (Dovecot 2.3.13) to Bookworm (Dovcecot 2.3.19), submission-login returns an error on Kerberos authentication: "Client sent invalid command: Command line is too long".
When I initially set this up on Bullseye I have seen the same issue, but adding "imap_max_line_length = 2M" solved it.
Now with 2.3.19 kerberos authentication still works (with this setting) for imap connections but it stopped working for submission.
Is there a new config setting for submission-login that I missed? Or is this a bug in 2.3.19?
- Kees.
You are probably running into a client-side issue. SMTP RFC says that all commands, including sasl ir, must be at most 998 bytes. Can you check if the client is sending AUTH KERBEROS which is longer than 998 lines?
After AUTH KERBEROS you can send longer lines.
Aki
I did another test: I have just downgraded the dovecot packages to the version in Bullseye, i.e. 2.3.19 -> 2.3.13, without making any other change.
This solved the issue! Thunderbird (which was not even restarted) can now send mails again.
Unfortunately it is not such a good solution as I would rather have more recent packages :-)
@aki, do you still think the culprit is in the client?
- Kees.