[Dovecot] Bug? auth(default) Authentication client gave a PID of existing connection
Hello,
My first time on this list, just switched from courier imap/pop3 system to dovecot. Imap part is great, pop3 seems to suffer, been fighting it for a week.
Anyway, the reason for this post is that I have seen these pop up in my logs, and on one of my mailheads there were some 50 lines of this
dovecot: 2008-10-26 09:33:54 Error: auth(default): BUG: Authentication client gave a PID 15661 of existing connection
Is this really a bug or anything to be concerned with? I just installed 1.1.5.
I am using Debian lenny/sid on amd64, phenom 9850 4g ram, nfs mounted maildir format xfs storage.
On Sun, 2008-10-26 at 09:45 -0700, Brandon Lamb wrote:
Anyway, the reason for this post is that I have seen these pop up in my logs, and on one of my mailheads there were some 50 lines of this
But it doesn't happen all the time?
dovecot: 2008-10-26 09:33:54 Error: auth(default): BUG: Authentication client gave a PID 15661 of existing connection
Does it log anything else than this? Are you running multiple Dovecots? Post your dovecot -n output?
I am using Debian lenny/sid on amd64,
Is it a standard Debian/kernel.org kernel or have you done some modifications? This isn't a virtual machine?
On Sun, Oct 26, 2008 at 9:54 AM, Timo Sirainen <tss@iki.fi> wrote:
On Sun, 2008-10-26 at 09:45 -0700, Brandon Lamb wrote:
Anyway, the reason for this post is that I have seen these pop up in my logs, and on one of my mailheads there were some 50 lines of this
But it doesn't happen all the time?
dovecot: 2008-10-26 09:33:54 Error: auth(default): BUG: Authentication client gave a PID 15661 of existing connection
Does it log anything else than this? Are you running multiple Dovecots? Post your dovecot -n output?
I am using Debian lenny/sid on amd64,
Is it a standard Debian/kernel.org kernel or have you done some modifications? This isn't a virtual machine?
I have four amd64 boxes, amd 9850, 4 gig ram, Debian lenny/sid running 2.6.26-1-amd64, using LVS to load balance pop3, imap, smtp traffic. NFS mailstore, 2 gige cards, eth1 being the private nfs backend network, eth0 is what talks to the world.
dovecot config: # 1.1.5: /etc/dovecot/dovecot.conf base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 listen(default): 208.200.248.2 208.200.248.7 listen(imap): 208.200.248.2 208.200.248.7 listen(pop3): 208.200.248.2 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_greeting: Hello there. login_log_format_elements: <%u> <%r> login_log_format: %s login_process_size: 96 login_processes_count: 15 login_max_processes_count: 256 valid_chroot_dirs: /mail/mail mail_max_userip_connections(default): 15 mail_max_userip_connections(imap): 15 mail_max_userip_connections(pop3): 4 verbose_proctitle: yes first_valid_uid: 8 last_valid_uid: 8 first_valid_gid: 8 last_valid_gid: 8 mail_access_groups: mail mail_privileged_group: mail mail_uid: 8 mail_gid: 8 mail_location: maildir:~/:INDEX=/dovecot-index mailbox_idle_check_interval: 60 mail_save_crlf: yes mmap_disable: yes mail_nfs_storage: yes mailbox_list_index_disable: no mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_log_prefix: %Ls <%u>: imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): pop3_no_flag_updates(default): no pop3_no_flag_updates(imap): no pop3_no_flag_updates(pop3): yes pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): retr=%r/%b, del=%d/%m, size=%s auth default: mechanisms: plain login default_realm: olypen.com cache_size: 8192 cache_ttl: 300 worker_max_count: 60 passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/run/dovecot/auth-client mode: 438 user: mail group: mail master: path: /var/run/dovecot/auth-master mode: 438 user: mail group: mail plugin: quota: maildir quota_rule: Trash:ignore quota_rule2: Sent:ignore quota_rule3: Spam:ignore quota_rule4: Archive:ignore quota_rule5: Sent Items:ignore quota_rule6: Deleted Items:ignore auth_socket_path: /var/run/dovecot/auth-master
On Sun, 2008-10-26 at 10:02 -0700, Brandon Lamb wrote:
I have four amd64 boxes, amd 9850, 4 gig ram, Debian lenny/sid running 2.6.26-1-amd64, using LVS to load balance pop3, imap, smtp traffic. NFS mailstore, 2 gige cards, eth1 being the private nfs backend network, eth0 is what talks to the world.
So the load balancer is randomly assigning the user to different servers? Not really the preferred setup. I guess you've read http://wiki.dovecot.org/NFS?
login_processes_count: 15 login_max_processes_count: 256
This problem and possibly others could maybe be solved by using the high performance mode as described by http://wiki.dovecot.org/LoginProcess
mail_location: maildir:~/:INDEX=/dovecot-index
Are index files on local disk or on NFS?
mail_save_crlf: yes
This adds some extra disk I/O, probably better to set to "no" unless you have a good reason.
mmap_disable: yes mail_nfs_storage: yes
If indexes are on NFS, you should have mail_nfs_index=yes too.
mailbox_list_index_disable: no
These aren't actually always disabled since the code is buggy..
BTW. Are you using Dovecot's deliver for new mails?
So the load balancer is randomly assigning the user to different servers? Not really the preferred setup. I guess you've read http://wiki.dovecot.org/NFS? Yes, in our previous setup we just used round robin and it seemed to be fine, never had load problems (using courier). After switching to dovecot I had tried both, while trying to narrow down the problem to the pop3 I had set only 1 machine to handle all pop3 and I got a call the next morning from support and the load was 511.
login_processes_count: 15 login_max_processes_count: 256
This problem and possibly others could maybe be solved by using the high performance mode as described by http://wiki.dovecot.org/LoginProcess
I tried this the same night that I had a single pop3 box, it ran out of processes I think was what the log said, so I switched back to the current settings.
mail_location: maildir:~/:INDEX=/dovecot-index
Are index files on local disk or on NFS?
Yes, although I set INDEX=MEMORY for pop3 section after reading that on one of the google search results
mail_save_crlf: yes
This adds some extra disk I/O, probably better to set to "no" unless you have a good reason.
I forgot why I had enabled this, I just turned it off though.
mmap_disable: yes mail_nfs_storage: yes
If indexes are on NFS, you should have mail_nfs_index=yes too.
I had this enabled as well until I read the index=memory thing and then disabled it. I just now turned it on again.
mailbox_list_index_disable: no
These aren't actually always disabled since the code is buggy..
I tried searching for what this did or what it meant but didnt find anything helpful. Should I set manually set this to yes or leave it?
BTW. Are you using Dovecot's deliver for new mails?
No I am just using exim 4.69 to deliver directly to maildir
Ok, made the change to the client.c and updated dovecot.conf with your suggestions, I'll let it ride out another few days and see where it puts me!
Thanks for the instant replies, that is very cool. Im hoping this all smooths out. Other than some upsets I am totally digging dovecot
On Sun, Oct 26, 2008 at 9:54 AM, Timo Sirainen <tss@iki.fi> wrote:
On Sun, 2008-10-26 at 09:45 -0700, Brandon Lamb wrote:
Anyway, the reason for this post is that I have seen these pop up in my logs, and on one of my mailheads there were some 50 lines of this
But it doesn't happen all the time?
dovecot: 2008-10-26 09:33:54 Error: auth(default): BUG: Authentication client gave a PID 15661 of existing connection
Does it log anything else than this? Are you running multiple Dovecots? Post your dovecot -n output?
I am using Debian lenny/sid on amd64,
Is it a standard Debian/kernel.org kernel or have you done some modifications? This isn't a virtual machine?
Ive been fighting with the pop3 part of dovecot for the past 2 weeks, and I have tried and changed so many things that to be honest Im feeling a little bonkers and if you see anything obviously wrong in my config feel free to chastise me.
The error does not happen every time no, but I have been clearing the log file a lot because this system has been unstable, having high loads, running out of auth connections, I have been having chdir (/mail/mail/usersmaildir) blocked for 12 seconds, I have seen my max connectiosn for auth workers I think it was run out, that was when I had a 511 load.
I didnt know if i was under some kind of pop3 connection attack or what. Im dreading having to tell my boss that we need to go back to courier pop3... UGH.
I was able to have a single P4 3ghz server be our pop3 server, now one quad core double the ram box running dovecot as the pop3 server is falling over, am I just doing something totally wrong here? /frustrated ramble ramble....
participants (2)
-
Brandon Lamb
-
Timo Sirainen