[Dovecot] Authentication failed (migrate from 2.0.13 to 2.0.17)
Hi,
I use OpenBSD 5.1, roundcube 0.7.2 and dovecot 2.0.17 (684381041dc4+), mysql.
I get the following error when i try to connect to imap :
roundcube: IMAP Error: Login failed for testing@mydomain.net from 192.168.0.92. AUTHENTICATE PLAIN: Authentication failed. in /var/www/webmail/roundcubemail-0.7.2/program/include/rcube_imap.php on line 205 (POST /webmail/?_task=login&_action=login)
dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS Jul 2 15:19:13 mx dovecot: auth-worker: mysql(localhost): Connected to database mail Jul 2 15:19:15 mx dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Can you help me please ?
Here my config files :
*dovecot-sql.conf driver = mysql connect = host=localhost dbname=mail user=postfix password=postfix default_pass_scheme = PLAIN password_query = SELECT email as user, password FROM users WHERE email = '%u' user_query = SELECT id as uid, id as gid, home, concat('*:storage=', quota, 'M') AS quota_rule FROM users WHERE email = '%u'
*dovecot.conf #i use this on OpenBSD 5.0 and dovecot 2.0.13, works, but it doesn't seem to work with this version :-( # 2.0.13: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.0 i386 ffs auth_mechanisms = plain login digest-md5 cram-md5 apop auth_debug=yes base_dir = /var/dovecot/ first_valid_uid = 1000 mail_location = maildir:/var/mailserv/mail/%d/%n mmap_disable = yes passdb { args = /etc/dovecot-sql.conf driver = sql } plugin { antispam_mail_notspam = --ham antispam_mail_sendmail = /usr/local/bin/sa-learn
antispam_mail_sendmail_args = --username=%u antispam_mail_spam = --spam antispam_mail_tmpdir = /tmp antispam_signature = X-Spam-Flag
antispam_signature_missing = move antispam_spam = SPAM;Spam;spam;Junk;junk antispam_trash = trash;Trash;Deleted Items; Deleted Messages autocreate = Trash autocreate2 = Spam autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts quota = maildir
quota_rule = *:storage=5G quota_rule2 = Trash:storage=+100M
quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve pop3 service auth { unix_listener /var/run/dovecot-auth-master { group = _dovecot mode = 0666 user = _dovecot }
unix_listener /var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix }
}
service imap-login { service_count = 0 #user = _dovecot vsz_limit = 64 M } service pop3-login { service_count = 0
#user = _dovecot vsz_limit = 64 M } ssl_cert =ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 ssl_key = userdb { args = /etc/dovecot-sql.conf driver = sql }
#userdb { # driver = passwd #}
protocol imap { imap_client_workarounds = delay-newmail
mail_plugins = quota imap_quota autocreate } protocol pop3 {
mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xv%08Xu } protocol lda {
auth_socket_path = /var/run/dovecot-auth-master mail_plugins = $mail_plugins sieve postmaster_address = postmaster@mx.itdebug.net
sendmail_path = /usr/sbin/sendmail }
default_login_user = _dovenull default_internal_user = _dovecot
## ## ManageSieve specific settings ##
# Service definitions service managesieve-login {
inet_listener sieve { port = 4190 }
inet_listener sieve_deprecated { port = 2000 } }
service managesieve { #Max. number of ManageSieve processes (connections) #process_count = 1024 }
# Service configuration protocol sieve { }
Thank you very much.
-- Wesley
On 2.7.2012, at 16.51, Dovecot user wrote:
imap-login: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS Jul 2 15:19:13 mx dovecot: auth-worker: mysql(localhost): Connected to database mail Jul 2 15:19:15 mx dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Can you help me please ?
Isn't there anything more in the logs? It should at the very least say "password mismatch".. CRAM-MD5 authentication is a bit annoying to debug though. But I haven't touched its code for a long time, so it shouldn't have gotten broken.
There's no way to troubleshoot this error ?
I use the same config file for dovecot 2.0.13, all works. Perhaps in 2.0.17, something is missing in my config file, or there's new keyword... ??
'dovecot -n' give me : auth_mechanisms = plain login digest-md5 cram-md5 apop base_dir = /var/dovecot/ first_valid_uid = 1000 mail_location = maildir:/var/mailserv/mail/%d/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = /etc/dovecot-sql.conf driver = sql } plugin { antispam_mail_notspam = --ham antispam_mail_sendmail = /usr/local/bin/sa-learn
antispam_mail_sendmail_args = --username=%u antispam_mail_spam = --spam antispam_mail_tmpdir = /tmp antispam_signature = X-Spam-Flag
antispam_signature_missing = move antispam_spam = SPAM;Spam;spam;Junk;junk antispam_trash = trash;Trash;Deleted Items; Deleted Messages autocreate = Trash autocreate2 = Spam autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts quota = maildir
quota_rule = *:storage=5G quota_rule2 = Trash:storage=+100M
quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve pop3 service auth { unix_listener /var/run/dovecot-auth-master { group = _dovecot mode = 0666 user = _dovecot } unix_listener /var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix } } service imap-login { service_count = 0 vsz_limit = 64 M } service managesieve-login { inet_listener sieve { port = 4190 }
inet_listener sieve_deprecated { port = 2000 } } service pop3-login {
service_count = 0 vsz_limit = 64 M } ssl_cert =
driver = sql } protocol imap { imap_client_workarounds = delay-newmail
mail_plugins = quota imap_quota autocreate } protocol pop3 {
mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xv%08Xu } protocol lda {
auth_socket_path = /var/run/dovecot-auth-master mail_plugins = " sieve" postmaster_address = info@obrazec.cz sendmail_path = /usr/sbin/sendmail }
any idea ? Thank you very much.
--
On 03.07.2012 01:55, Timo Sirainen wrote:
On 2.7.2012, at 16.51, Dovecot user wrote:
imap-login: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=127.0.0.1, lip=127.0.0.1, TLS Jul 2 15:19:13 mx dovecot: auth-worker: mysql(localhost): Connected to database mail Jul 2 15:19:15 mx dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Can you help me please ?
Isn't there anything more in the logs? It should at the very least say "password mismatch".. CRAM-MD5 authentication is a bit annoying to debug though. But I haven't touched its code for a long time, so it shouldn't have gotten broken.
On 3.7.2012, at 7.37, Dovecot user wrote:
There's no way to troubleshoot this error ?
Set auth_debug_passwords=yes and show all of the log entries from a failed login. Preferably use a test password so it won't be exposed. :)
I use the same config file for dovecot 2.0.13, all works. Perhaps in 2.0.17, something is missing in my config file, or there's new keyword... ??
No, the configuration is identical between those version. The CRAM-MD5 code is also identical between those versions. I guess there could be some other seemingly unrelated change that might have broken it for some reason.
I tried to do the same 'dovecot -n' (dovecot 2.0.13, same config file) : # 2.0.13: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.0 i386 ffs auth_mechanisms = plain login digest-md5 cram-md5 apop base_dir = /var/dovecot/ default_internal_user = _dovecot default_login_user = _dovenull first_valid_uid = 1000 mail_location = maildir:/var/mailserv/mail/%d/%n
With dovecot 2.0.17 :
# 2.0.17 (684381041dc4+): /etc/dovecot/dovecot.conf # OS: OpenBSD 5.1 i386 ffs auth_mechanisms = plain login digest-md5 cram-md5 apop base_dir = /var/dovecot/ first_valid_uid = 1000 mail_location = maildir:/var/mailserv/mail/%d/%n
Is it normal that there are no lines : "default_internal_user = _dovecot" & "default_login_user = _dovenull" ??
I will try "auth_debug_passwords=yes", keep you informed.
Again, thank you very much.
-- Wesley
On 03.07.2012 08:54, Timo Sirainen wrote:
On 3.7.2012, at 7.37, Dovecot user wrote:
There's no way to troubleshoot this error ?
Set auth_debug_passwords=yes and show all of the log entries from a failed login. Preferably use a test password so it won't be exposed. :)
I use the same config file for dovecot 2.0.13, all works. Perhaps in 2.0.17, something is missing in my config file, or there's new keyword... ??
No, the configuration is identical between those version. The CRAM-MD5 code is also identical between those versions. I guess there could be some other seemingly unrelated change that might have broken it for some reason.
On 3.7.2012, at 8.00, Dovecot user wrote:
I tried to do the same 'dovecot -n' (dovecot 2.0.13, same config file) :
Oh, are you saying that the difference isn't just the Dovecot version, but that they are completely different systems with (somewhat) different settings also? That's much more likely the problem than the version number.
Is it normal that there are no lines : "default_internal_user = _dovecot" & "default_login_user = _dovenull"
Normal enough. It's then using the Dovecot's defaults which are "dovecot" and "dovenull".
I will try "auth_debug_passwords=yes", keep you informed.
Look at this output in your 2.0.13 setup and in 2.0.17 setup and see what the differences are.
i just get this error : dovecot: imap-login: Aborted login (auth failed, 1 attempts): method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured root@mx:/var/log # date
IMAP Error: Login failed for testing@mydomain.net from 192.168.0.92. Authentication failed. in /var/www/webmail/roundcubemail-0.7.2/program/include/rcube_imap.php on line 205 (POST /webmail/?_task=login&_action=login)
On 03.07.2012 09:20, Timo Sirainen wrote:
On 3.7.2012, at 8.00, Dovecot user wrote:
I tried to do the same 'dovecot -n' (dovecot 2.0.13, same config file) :
Oh, are you saying that the difference isn't just the Dovecot version, but that they are completely different systems with (somewhat) different settings also? That's much more likely the problem than the version number.
Is it normal that there are no lines : "default_internal_user = _dovecot" & "default_login_user = _dovenull"
Normal enough. It's then using the Dovecot's defaults which are "dovecot" and "dovenull".
With auth_debug_passwords=yes you'll get a lot more in the log. If you don't see, you're not looking into the correct file. Make sure you look into the debug log as shown by "doveadm log find".
On 3.7.2012, at 8.34, Dovecot user wrote:
i just get this error : dovecot: imap-login: Aborted login (auth failed, 1 attempts): method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured root@mx:/var/log # date
IMAP Error: Login failed for testing@mydomain.net from 192.168.0.92. Authentication failed. in /var/www/webmail/roundcubemail-0.7.2/program/include/rcube_imap.php on line 205 (POST /webmail/?_task=login&_action=login)
On 03.07.2012 09:20, Timo Sirainen wrote:
On 3.7.2012, at 8.00, Dovecot user wrote:
I tried to do the same 'dovecot -n' (dovecot 2.0.13, same config file) :
Oh, are you saying that the difference isn't just the Dovecot version, but that they are completely different systems with (somewhat) different settings also? That's much more likely the problem than the version number.
Is it normal that there are no lines : "default_internal_user = _dovecot" & "default_login_user = _dovenull"
Normal enough. It's then using the Dovecot's defaults which are "dovecot" and "dovenull".
participants (2)
-
Dovecot user
-
Timo Sirainen