Hi,
last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD).
Since then, I started having some issues with some customers.
The log I see is like:
pop3-login: Disconnected (tried to use unsupported auth mechanism): user=<username@domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z, session=<e5KkR5qto8hPAL9q>
While, before upgrade, same user logged succesfully:
pop3-login: Login: user=<username@domain.it>, method=PLAIN, rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6>
This is my conf (unchanged since months):
# dovecot -n # 2.3.11.3 (502c39af9): /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 12.1-RELEASE-p8 amd64 zfs # Hostname: server doveconf: Warning: please set ssl_dh=</usr/local/etc/dovecot/dh.pem doveconf: Warning: You can generate it with: dd if=/var/db/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /usr/local/etc/dovecot/dh.pem auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes auth_verbose_passwords = yes default_client_limit = 2000 default_process_limit = 500 default_vsz_limit = 512 M disable_plaintext_auth = no first_valid_gid = 125 first_valid_uid = 125 imap_id_log = * mail_gid = 1003 mail_location = maildir:/mail/domains mail_privileged_group = postfix mail_uid = 1003 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { args = /etc/dovecot/dovecot-sql-crypt.conf.ext driver = sql } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = postfix mode = 0600 user = postfix } } service imap { process_limit = 1024 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl_cert = </etc/ssl/wildcard.domain.net_bundle.crt ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { mail_max_userip_connections = 100 }
any help?
Thank you!
On Mon, Aug 24, 2020 at 17:11:04 +0200, absolutely_free@libero.it wrote:
Hi,
last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD).
Since then, I started having some issues with some customers.
The log I see is like:
pop3-login: Disconnected (tried to use unsupported auth mechanism): user=<username@domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z, session=<e5KkR5qto8hPAL9q>
While, before upgrade, same user logged succesfully:
pop3-login: Login: user=<username@domain.it>, method=PLAIN, rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6>
The only thing that comes to mind is the pop3 issue where an auth attempt after a failed auth attempt would always fail. I'm not sure why the client that's having issues is failing the first attempt (unless it tries an unsupported mechanism first, and then tries to fall back to PLAIN). Anyway, there is a fix on the master branch.
https://github.com/dovecot/core/commit/d0ea7f9f4530878a40ae0275cf0c36d3ff911...
You can try to patch the 2.3.11.3 code with it and see if that helps. 2.3.12 and 2.3.11.4 (if there is one) will have this fix.
Jeff.
-- mainframe, n.: An obsolete device still used by thousands of obsolete companies serving billions of obsolete customers and making huge obsolete profits for their obsolete shareholders. And this year's run twice as fast as last year's.
Thank you! I really appreciate your help
Il 24/08/2020 18:37 Josef 'Jeff' Sipek <jeff.sipek@open-xchange.com> ha scritto:
On Mon, Aug 24, 2020 at 17:11:04 +0200, absolutely_free@libero.it wrote:
Hi,
last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD).
Since then, I started having some issues with some customers.
The log I see is like:
pop3-login: Disconnected (tried to use unsupported auth mechanism): user=<username@domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z, session=<e5KkR5qto8hPAL9q>
While, before upgrade, same user logged succesfully:
pop3-login: Login: user=<username@domain.it>, method=PLAIN, rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6>
The only thing that comes to mind is the pop3 issue where an auth attempt after a failed auth attempt would always fail. I'm not sure why the client that's having issues is failing the first attempt (unless it tries an unsupported mechanism first, and then tries to fall back to PLAIN). Anyway, there is a fix on the master branch.
https://github.com/dovecot/core/commit/d0ea7f9f4530878a40ae0275cf0c36d3ff911...
You can try to patch the 2.3.11.3 code with it and see if that helps. 2.3.12 and 2.3.11.4 (if there is one) will have this fix.
Jeff.
-- mainframe, n.: An obsolete device still used by thousands of obsolete companies serving billions of obsolete customers and making huge obsolete profits for their obsolete shareholders. And this year's run twice as fast as last year's.
participants (2)
-
absolutely_free@libero.it
-
Josef 'Jeff' Sipek