Limit IMAP/IMAPS listening IPs
Hello list.
I am running dovecot v2.2.13 on debian 8.8;
I tried to add a "address =" statement for only localhost and one private IP, but then I got a complaint from system:
dovecot[20515]: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing.
What is the proper way to resolve this?
TIA & Regards,
Dudi
Dudi Goldenberg wrote:
Hello list.
I am running dovecot v2.2.13 on debian 8.8;
I tried to add a "address =" statement for only localhost and one private IP, but then I got a complaint from system:
dovecot[20515]: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing.
What is the proper way to resolve this?
I suggest to use iptables for this.
-- Mart
On 2017-06-24 17:59, Dudi Goldenberg wrote:
Hello list.
I am running dovecot v2.2.13 on debian 8.8;
I tried to add a "address =" statement for only localhost and one private IP, but then I got a complaint from system:
dovecot[20515]: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing.
What is the proper way to resolve this?
$ mkdir -p /etc/systemd/system/dovecot.socket.d $ vim /etc/systemd/system/dovecot.socket.d/ports.conf
content:
[Socket] # unset all ports defined in the global file ListenStream= # add our new ports ListenStream=[1.2.3.4]:143
$ systemctl daemon-reload $ systemctl restart dovecot.socket dovecot.service
-- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
Hi,
What is the proper way to resolve this?
$ mkdir -p /etc/systemd/system/dovecot.socket.d $ vim /etc/systemd/system/dovecot.socket.d/ports.conf
content:
[Socket] # unset all ports defined in the global file ListenStream= # add our new ports ListenStream=[1.2.3.4]:143
$ systemctl daemon-reload $ systemctl restart dovecot.socket dovecot.service
Thanks for the prompt reply!
How do I specify more than 1 IP? I'd like 127.0.0.1 and say 192.168.1.100 only.
Regards,
Dudi
This is why sane admins don't use the *EVIL* systemd
Thankfully there are still some modern distros that refuse to touch it.
Name sounds cute, the idea sounded OK, but the reality is, its a _REDACTED_ useless pile of REDACTED REDACTED REDACTED
On Sun, Jun 25, 2017 at 3:59 AM, Dudi Goldenberg <dudi@kolcore.com> wrote:
Hello list.
I am running dovecot v2.2.13 on debian 8.8;
I tried to add a "address =" statement for only localhost and one private IP, but then I got a complaint from system:
dovecot[20515]: Error: systemd listens on port 143, but it's not configured in Dovecot. Closing.
What is the proper way to resolve this?
TIA & Regards,
Dudi
Hi,
I'm confused about FTS. https://wiki.dovecot.org/Tools/Doveadm/Index say's:
"Messages can also be added automatically to full text search index using:
plugin { ... fts_autoindex = yes }"
So I added "fts_autoindex = yes" into dovecot.conf (I'm using single config file). That's it? How to test FTS? Or I still must use some external indexing server?
-- Mart
Hi Mart,
I think it’s a bit more… you might want to refer to https://wiki.dovecot.org/Plugins/FTS <https://wiki.dovecot.org/Plugins/FTS>
You only mentioned the function to automatically start indexing. Nothing about were this should actually happen. We are using Solr…
mail_plugins = $mail_plugins fts fts_solr
and: plugin { fts = solr fts_solr = url=http://solr.example.org:8983/solr/ }
The autoindex does nothing more than automatically sending incoming mails to the FTS index system. Solr is external while Lucene is library based and saved inside the mailbox hierarchy. There even is an implementation for Elasticsearch.
For all options… you might want to observe the logs once it has been enabled.
Philon
Am 03.07.2017 um 13:34 schrieb Mart Pirita <sysadmin@e-positive.ee>:
Hi,
I'm confused about FTS. https://wiki.dovecot.org/Tools/Doveadm/Index say's:
"Messages can also be added automatically to full text search index using:
plugin { ... fts_autoindex = yes }"
So I added "fts_autoindex = yes" into dovecot.conf (I'm using single config file). That's it? How to test FTS? Or I still must use some external indexing server?
-- Mart
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart
Hi! It's harmless event leak. This is a known issue to us.
Aki Tuomi
-- Mart
On November 3, 2018 at 9:41 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259
If using something like rsyslog, it is trivial to filter out unwanted entries.
michael
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart
Hi! It's harmless event leak. This is a known issue to us.
Hi,
I'm not using rsyslog and instead of hiding, this event leak should be fixed.
Michael Slusarz wrote:
On November 3, 2018 at 9:41 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259 If using something like rsyslog, it is trivial to filter out unwanted entries.
michael
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart Hi! It's harmless event leak. This is a known issue to us.
-- Mart
It will be fixed.
Aki
On 6.11.2018 8.57, Mart Pirita wrote:
Hi,
I'm not using rsyslog and instead of hiding, this event leak should be fixed.
Michael Slusarz wrote:
On November 3, 2018 at 9:41 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259 If using something like rsyslog, it is trivial to filter out unwanted entries.
michael
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart Hi! It's harmless event leak. This is a known issue to us.
Hi,
FYI, this is not fixed in v2.3.4:
Nov 23 16:03:24 xxx dovecot: master: Dovecot v2.3.4 (0ecbaf23d) starting up for imap, pop3, lmtp (core dumps disabled) Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c2f28 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80d71e0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c3220 leaked (parent=(nil)): auth-client-connection.c:338
...
Aki Tuomi wrote:
It will be fixed.
Aki
On 6.11.2018 8.57, Mart Pirita wrote:
Hi,
I'm not using rsyslog and instead of hiding, this event leak should be fixed.
Michael Slusarz wrote:
On November 3, 2018 at 9:41 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259 If using something like rsyslog, it is trivial to filter out unwanted entries.
michael
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart Hi! It's harmless event leak. This is a known issue to us.
-- Mart
On November 23, 2018 at 7:06 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
FYI, this is not fixed in v2.3.4:
Correct. This is not a critical issue, so it will be fixed eventually but was not a priority for this release.
michael
Nov 23 16:03:24 xxx dovecot: master: Dovecot v2.3.4 (0ecbaf23d) starting up for imap, pop3, lmtp (core dumps disabled) Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c2f28 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80d71e0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c3220 leaked (parent=(nil)): auth-client-connection.c:338
...
Aki Tuomi wrote:
It will be fixed.
Aki
On 6.11.2018 8.57, Mart Pirita wrote:
Hi,
I'm not using rsyslog and instead of hiding, this event leak should be fixed.
Michael Slusarz wrote:
On November 3, 2018 at 9:41 AM Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259 If using something like rsyslog, it is trivial to filter out unwanted entries.
michael
Aki Tuomi wrote:
> On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee > <mailto:sysadmin@e-positive.ee>> wrote: > > > Hi, > > > Noticed with latest v2.3.3 some new warning in logs, for example: > > dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): > auth-client-connection.c:338: 1 Time(s) > dovecot: auth: Warning: auth client 0 disconnected with 1 pending > requests: EOF: 12 Time(s) > > > What are they? > > > -- > Mart Hi! It's harmless event leak. This is a known issue to us.
-- Mart
Hi,
Build options - --sysconfdir=/etc/dovecot
doveconf -Pn > dovecot-new.conf doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory
I can make a symlink, but first I'd like to know is this a bug or misconfiguration.
-- Mart
Hello,
Am 07.11.2018 um 14:04 schrieb Mart Pirita:
Hi,
Build options - --sysconfdir=/etc/dovecot you should use --sysconfdir=/etc sysconfig is path to sysconfig, not dovecotconfig.
doveconf -Pn > dovecot-new.conf doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory
I can make a symlink, but first I'd like to know is this a bug or misconfiguration.
Hajo
Hi,
You are right, recompiled with correct path.
Hajo Locke wrote:
Hello,
Am 07.11.2018 um 14:04 schrieb Mart Pirita:
Hi,
Build options - --sysconfdir=/etc/dovecot you should use --sysconfdir=/etc sysconfig is path to sysconfig, not dovecotconfig. doveconf -Pn > dovecot-new.conf doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory
I can make a symlink, but first I'd like to know is this a bug or misconfiguration.
Hajo
-- Mart
On 3 Nov 2018, at 17.41, Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259
Actually this specific event leak isn't a known issue. I don't really understand how it could happen. These event leaks are supposed to be checked only at process deinit. Is the auth process constantly being shutdown and restarted? What's your doveconf -n? Are you using Dovecot for SMTP authentication or some other external auth?
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee> <mailto:sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart
Hi! It's harmless event leak. This is a known issue to us.
Aki Tuomi
-- Mart
Hi,
Auth process is not constantly being shutdown and/or restarted and Dovecot is used for SMTP authentication (Postfix).
Checked few servers logs, they are running v2.3.3, for example latest (some day none, some day a lot, some day few) logs:
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250ddc50 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 22:55:38 server1 dovecot: auth: Warning: Event 0x2b374a7bafb0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 26 03:08:24 server1 dovecot: auth: Warning: Event 0x2b9b89e79040 leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb1ac370 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb18eeb0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb183490 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb18a900 leaked (parent=(nil)): auth-client-connection.c:338 Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb193d20 leaked (parent=(nil)): auth-client-connection.c:338
Conf:
# 2.3.3 (dcead646b): /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-419.el5 x86_64 CentOS release 5.11 (Final) auth_cache_size = 1 k auth_failure_delay = 1 mins auth_mechanisms = plain login base_dir = /var/run/dovecot/ disable_plaintext_auth = no listen = * login_log_format_elements = %u %r %m %c mail_location = maildir:~/Maildir mail_log_prefix = "%s(%u): " mail_plugins = " mail_log notify" mbox_very_dirty_syncs = yes passdb { args = cache_key=#hidden_use-P_to_show# * driver = pam } plugin { autocreate = Drafts autocreate2 = Sent Items autosubscribe = Drafts autosubscribe2 = Sent Items fts_autoindex = yes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size from subject vsize flags } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = </etc/ssl/certs/mail.ca.crt ssl_cert = </etc/ssl/certs/mail.fullchain.cer ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes state_dir = /var/run/dovecot userdb { driver = passwd } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep delay-newmail imap_logout_format = %{rip}, bytes=%i/%o, del=%{deleted} mail_max_userip_connections = 90 } protocol pop3 { mail_max_userip_connections = 9 pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_logout_format = bytes=%i/%o, del=%d/%m, size=%s }
Timo Sirainen wrote:
On 3 Nov 2018, at 17.41, Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
But this harmless is spamming logs, so how to disable it:
grep auth-client-connection.c:338 maillog | wc -l 1259 Actually this specific event leak isn't a known issue. I don't really understand how it could happen. These event leaks are supposed to be checked only at process deinit. Is the auth process constantly being shutdown and restarted? What's your doveconf -n? Are you using Dovecot for SMTP authentication or some other external auth?
Aki Tuomi wrote:
On 03 November 2018 at 12:12 Mart Pirita < sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee> <mailto:sysadmin@e-positive.ee <mailto:sysadmin@e-positive.ee>>> wrote:
Hi,
Noticed with latest v2.3.3 some new warning in logs, for example:
dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
What are they?
-- Mart Hi! It's harmless event leak. This is a known issue to us.
Aki Tuomi
Mart
-- Mart
On 26 Nov 2018, at 13.16, Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
Auth process is not constantly being shutdown and/or restarted and Dovecot is used for SMTP authentication (Postfix).
Checked few servers logs, they are running v2.3.3, for example latest (some day none, some day a lot, some day few) logs:
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0 leaked (parent=(nil)): auth-client-connection.c:338
I suppose these are happening because of:
dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s)
Which probably happens when Postfix disconnects from Dovecot before the authentication has finished.
I can reproduce these if I set up PAM authentication and then do:
doveadm auth test testuser wrongpass <ctrl-c>
Repeat the above a few times. Each time logs:
Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Then stop Dovecot (or auth process at least):
Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked (parent=(nil)): auth-client-connection.c:338
Hmm, can this be related to SMTP brute force attack attempts and Postfix, using conf:
smtpd_junk_command_limit = 2 smtpd_error_sleep_time = 15s smtpd_soft_error_limit = 5 smtpd_hard_error_limit = 10 smtpd_client_connection_count_limit = 5 smtpd_client_connection_rate_limit = 30
cuts connection and Dovecot gives error. But since Postfix conf have been same for a long time and these errors came with Dovecot 2.3.3, then seems I just must ignore them, however the error type is a bit spooky (like debug message), so maybe some human readable explanation in logs would be better. :).
Timo Sirainen wrote:
On 26 Nov 2018, at 13.16, Mart Pirita <sysadmin@e-positive.ee> wrote:
Hi,
Auth process is not constantly being shutdown and/or restarted and Dovecot is used for SMTP authentication (Postfix).
Checked few servers logs, they are running v2.3.3, for example latest (some day none, some day a lot, some day few) logs:
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0 leaked (parent=(nil)): auth-client-connection.c:338 I suppose these are happening because of:
dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s) Which probably happens when Postfix disconnects from Dovecot before the authentication has finished.
I can reproduce these if I set up PAM authentication and then do:
doveadm auth test testuser wrongpass <ctrl-c>
Repeat the above a few times. Each time logs:
Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Then stop Dovecot (or auth process at least):
Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked (parent=(nil)): auth-client-connection.c:338
-- Mart
participants (9)
-
Aki Tuomi
-
Dudi Goldenberg
-
Hajo Locke
-
Marcus Rueckert
-
Mart Pirita
-
Michael Slusarz
-
Nick Edwards
-
Philon
-
Timo Sirainen