More on problems with new install
Sorry for having lost the original chain of this problem. It's been a very long day.
New output from 'dovecot -n output', including the contents of dovecot.conf, conf.d/10-master.conf, conf.d/10-mail.conf and conf.d/10-ssl.conf:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 4.15.0-64-generic x86_64 Ubuntu 18.04.3 LTS ext4 auth_debug = yes auth_debug_passwords = yes first_valid_gid = 109 first_valid_uid = 105 last_valid_gid = 109 last_valid_uid = 105 log_path = /var/log/dovecot.log mail_debug = yes mail_gid = postfix mail_location = maildir:/var/mail/vmail/%d/%n mail_uid = postfix namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = " imap lmtp" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 1 } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { process_limit = 1024 } ssl = required ssl_cert = </etc/ssl/private/tgv2018.crt ssl_key = # hidden, use -P to show it userdb { driver = passwd } verbose_ssl = yes
The two key files are where it says they are, although the hidden one isn't shown, it's there and properly owned and permissioned.
Here's the only thing from tailing the log:
Oct 22 07:24:50 master: Info: Dovecot v2.2.33.2 (d6601f4ec) starting up for imap, lmtp (core dumps disabled)
This may help - from a message delivery failure email:
*** Begin ***
Message Delivery Failure This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed permanently:
* rock@theglobalvoice.info
Reason: There was an error while attempting to deliver your message with [Subject: "Testing again"] to rock@theglobalvoice.info. MTA p3plsmtpa11-09.prod.phx3.secureserver.net received this response from the destination host IP - 95.142.174.193 - 550 , 550 5.1.1 <rock@theglobalvoice.info>: Recipient address rejected: User unknown in local recipient table .
Reporting-MTA: dns; p3plsmtpa11-09.prod.phx3.secureserver.net [68.178.252.101] Received-From-MTA: dns; [192.168.1.140] [108.41.57.11] Arrival-Date: Mon, 21 Oct 2019 23:39:25 -0700
Final-recipient: rfc822; rock@theglobalvoice.info
Diagnostic-Code: smtp; 550 5.1.1 <rock@theglobalvoice.info>: Recipient address rejected: User unknown in local recipient table
Last-attempt-Date: Tue, 22 Oct 2019 00:23:38 -0700
Received: from [192.168.1.140] ([108.41.57.11]) by :SMTPAUTH: with ESMTPSA id MnpFiaSdxUnHgMnpFiYE6m; Mon, 21 Oct 2019 23:39:25 -0700 To: rock@theglobalvoice.info
From: Steve Matzura <number6@noisynotes.com>
Subject: Testing again Message-ID: <61b4f0c2-89fa-c4de-8288-871a8708f2d0@noisynotes.com>
Date: Tue, 22 Oct 2019 02:39:26 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-CMAE-Envelope: MS4wfC8H5kkZhXB1zicGDqvcQlC1Tl3lMTOcElvh0Efz70YGRgQalgb4N6/9XVLjnqOVd5XtxwgTWuvuCEhwp/JZ2oHrdLkl4d7unSyOefbSkgcd/M5tlQn5 m+FMjUC5HJopO89WJXHQNp0ruK6VmVwHwxMAn0YDVu4FQQqVIUkN6KVyOfdC/TYD6t6vxOqv2OUxKQ==
Subject: Testing again From: Steve Matzura <number6@noisynotes.com> Date: 10/22/2019, 2:39 AM To: rock@theglobalvoice.info Let's see what happens now.
*** End ***
There is no user 'rock', it's just a Postfix mailbox.
On 22.10.2019 10.33, Steve Matzura via dovecot wrote:
Sorry for having lost the original chain of this problem. It's been a very long day.
<snip/>
There is no user 'rock', it's just a Postfix mailbox.
You problem stems from dovecot doing user lookup using 'rock@theglobalvoice.info' which is why it breaks.
So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point).
passdb { driver = static args = noauthenticate temp_user=%u user=%Ln }
passdb { driver = pam }
passdb { driver = static args = noautenticate user=%{passdb:temp_user} skip = unauthenticated }
Aki
I pasted that block at the end of dovecot.conf, restarted, and got the following in syslog:
Oct 22 08:24:32 tgvprod dovecot[7290]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 106: Expecting '{' Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Failed with result 'exit-code'.
On 10/22/2019 4:00 AM, Aki Tuomi via dovecot wrote: block quote On 22.10.2019 10.33, Steve Matzura via dovecot wrote: block quote Sorry for having lost the original chain of this problem. It's been a very long day.
block quote end <snip/>
block quote There is no user 'rock', it's just a Postfix mailbox. block quote end You problem stems from dovecot doing user lookup using 'rock@theglobalvoice.info' which is why it breaks.
So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point).
passdb { driver = static args = noauthenticate temp_user=%u user=%Ln }
passdb { driver = pam }
passdb { driver = static args = noautenticate user=%{passdb:temp_user} skip = unauthenticated }
Aki block quote end
Can you show what you ended up pasting?
Aki
On 22.10.2019 11.34, Steve Matzura via dovecot wrote:
I pasted that block at the end of dovecot.conf, restarted, and got the following in syslog:
Oct 22 08:24:32 tgvprod dovecot[7290]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 106: Expecting '{' Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Failed with result 'exit-code'.
On 10/22/2019 4:00 AM, Aki Tuomi via dovecot wrote: block quote On 22.10.2019 10.33, Steve Matzura via dovecot wrote: block quote Sorry for having lost the original chain of this problem. It's been a very long day.
block quote end <snip/>
block quote There is no user 'rock', it's just a Postfix mailbox. block quote end You problem stems from dovecot doing user lookup using 'rock@theglobalvoice.info' which is why it breaks.
So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point).
passdb { driver = static args = noauthenticate temp_user=%u user=%Ln }
passdb { driver = pam }
passdb { driver = static args = noautenticate user=%{passdb:temp_user} skip = unauthenticated }
Aki block quote end
It was the three passdb blocks you sent me.
On 10/22/2019 4:43 AM, Aki Tuomi via dovecot wrote:
Can you show what you ended up pasting?
Aki
On 22.10.2019 11.34, Steve Matzura via dovecot wrote:
I pasted that block at the end of dovecot.conf, restarted, and got the following in syslog:
Oct 22 08:24:32 tgvprod dovecot[7290]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 106: Expecting '{' Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Failed with result 'exit-code'.
On 10/22/2019 4:00 AM, Aki Tuomi via dovecot wrote: block quote On 22.10.2019 10.33, Steve Matzura via dovecot wrote: block quote Sorry for having lost the original chain of this problem. It's been a very long day.
block quote end <snip/>
block quote There is no user 'rock', it's just a Postfix mailbox. block quote end You problem stems from dovecot doing user lookup using 'rock@theglobalvoice.info' which is why it breaks.
So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point).
passdb { driver = static args = noauthenticate temp_user=%u user=%Ln }
passdb { driver = pam }
passdb { driver = static args = noautenticate user=%{passdb:temp_user} skip = unauthenticated }
Aki block quote end
Yes, well, can you paste your entire dovecot.conf file then? Remember to redact passwords.
Aki
On 22.10.2019 12.01, Steve Matzura via dovecot wrote:
It was the three passdb blocks you sent me.
On 10/22/2019 4:43 AM, Aki Tuomi via dovecot wrote:
Can you show what you ended up pasting?
Aki
On 22.10.2019 11.34, Steve Matzura via dovecot wrote:
I pasted that block at the end of dovecot.conf, restarted, and got the following in syslog:
Oct 22 08:24:32 tgvprod dovecot[7290]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 106: Expecting '{' Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a Oct 22 08:24:32 tgvprod systemd[1]: dovecot.service: Failed with result 'exit-code'.
On 10/22/2019 4:00 AM, Aki Tuomi via dovecot wrote: block quote On 22.10.2019 10.33, Steve Matzura via dovecot wrote: block quote Sorry for having lost the original chain of this problem. It's been a very long day.
block quote end <snip/>
block quote There is no user 'rock', it's just a Postfix mailbox. block quote end You problem stems from dovecot doing user lookup using 'rock@theglobalvoice.info' which is why it breaks.
So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point).
passdb { driver = static args = noauthenticate temp_user=%u user=%Ln }
passdb { driver = pam }
passdb { driver = static args = noautenticate user=%{passdb:temp_user} skip = unauthenticated }
Aki block quote end
It's really pretty empty; would you rather see some of the 10-*.conf files?
## Dovecot configuration file
# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration
# "doveconf -n" command gives a clean output of the changed settings. Use it # instead of copy&pasting files when posting to the Dovecot mailing list.
# '#' character and everything after it is treated as comments. Extra spaces # and tabs are ignored. If you want to use either of these explicitly, put the # value inside quotes, eg.: key = "# char and trailing whitespace "
# Most (but not all) settings can be overridden by different protocols and/or # source/destination IPs by placing the settings inside sections, for example: # protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }
# Default values are shown for each setting, it's not required to uncomment # those. These are exceptions to this though: No sections (e.g. namespace {}) # or plugin settings are added by default, they're listed only as examples. # Paths are also just examples with the real defaults being based on configure # options. The paths listed here are for configure --prefix=/usr # --sysconfdir=/etc --localstatedir=/var
# Enable installed protocols !include_try /usr/share/dovecot/protocols.d/*.protocol
# A comma separated list of IPs or hosts where to listen in for connections. # "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces. # If you want to specify non-default ports or anything more complex, # edit conf.d/master.conf. #listen = *, ::
# Base directory where to store runtime data. #base_dir = /var/run/dovecot/
# Name of this instance. In multi-instance setup doveadm and other commands # can use -i <instance_name> to select which instance is used (an alternative # to -c <config_path>). The instance name is also added to Dovecot processes # in ps output. #instance_name = dovecot
# Greeting message for clients. #login_greeting = Dovecot ready.
# Space separated list of trusted network ranges. Connections from these # IPs are allowed to override their IP addresses and ports (for logging and # for authentication checks). disable_plaintext_auth is also ignored for # these networks. Typically you'd specify your IMAP proxy servers here. #login_trusted_networks =
# Space separated list of login access check sockets (e.g. tcpwrap) #login_access_sockets =
# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do # proxying. This isn't necessary normally, but may be useful if the destination # IP is e.g. a load balancer's IP. #auth_proxy_self =
# Show more verbose process titles (in ps). Currently shows user name and # IP address. Useful for seeing who are actually using the IMAP processes # (eg. shared mailboxes or if same uid is used for multiple accounts). #verbose_proctitle = no
# Should all processes be killed when Dovecot master process shuts down. # Setting this to "no" means that Dovecot can be upgraded without # forcing existing client connections to close (although that could also be # a problem if the upgrade is e.g. because of a security fix). #shutdown_clients = yes
# If non-zero, run mail commands via this many connections to doveadm server, # instead of running them directly in the same process. #doveadm_worker_count = 0 # UNIX socket or host:port used for connecting to doveadm server #doveadm_socket_path = doveadm-server
# Space separated list of environment variables that are preserved on Dovecot # startup and passed down to all of its child processes. You can also give # key=value pairs to always set specific settings. #import_environment = TZ
## ## Dictionary server settings ##
# Dictionary can be used to store key=value lists. This is used by several # plugins. The dictionary can be accessed either directly or though a # dictionary server. The following dict block maps dictionary names to URIs # when the server is used. These can then be referenced using URIs in format # "proxy::<name>".
dict { #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext }
# Most of the actual configuration gets included below. The filenames are # first sorted by their ASCII value and parsed in that order. The 00-prefixes # in filenames are intended to make it easier to understand the ordering. !include conf.d/*.conf
# A config file can also tried to be included without giving an error if # it's not found: !include_try local.conf log_path = /var/log/dovecot.log
participants (2)
-
Aki Tuomi
-
Steve Matzura