dovecot: config: Error: BUG: Config client connection sent too much data
Hello, Today I started noticing a very odd Dovecot error in the mail logs across 2 replicated Dovecot hosts via dsync. I have searched the Dovecot archives, Google, back tracked, downgraded Dovecot to earlier versions from earlier this year and ruled everything out I could think of to no avail. There really are not any helpful reports with what I am specifically seeing. The strange thing is only vmail@domain.net is repeatedly shown in the log. The error looks like this. *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client connection sent too much data****Aug 24 22:46:02 orbitron dovecot: doveadm(vmail@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net): Fatal: Error reading configuration: read(/var/run/dovecot/config) failed: read(size=8192) failed: Connection reset by peer*** $ dovecot --version 2.2.31 (65cde28) Dovecot #1: Linux kernel 4.9.36-x86_64 Dovecot #2: Linux kernel 4.12.8-x86_64 Here are the latest Dovecot updates performed this year. [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3) [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1) [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 -> 2.2.30.2-1) [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1) When Dovecot was last updated back on June 30, I did `systemctl daemon-reload` but never actually restarted the Dovecot daemon until what seems like today. The only thing I did today was edit /etc/dovecot/conf.d/10-auth.conf by simply enabling "*auth_username_format = %Lu*" which was commented out before I enabled it. That is the /*only*/ thing that I tested. After I was done testing I went back and commented out the same thing so it reads "*#auth_username_format = %Lu*" and of course restarted Dovecot. I really doubt this has anything to do with what I am reporting as auth is not the problem in this case. Thank You, Tony
> On August 25, 2017 at 9:11 AM Tony <tony@kode.email> wrote: > > > Hello, > > Today I started noticing a very odd Dovecot error in the mail logs > across 2 replicated Dovecot hosts via dsync. I have searched the Dovecot > archives, Google, back tracked, downgraded Dovecot to earlier versions > from earlier this year and ruled everything out I could think of to no > avail. There really are not any helpful reports with what I am > specifically seeing. The strange thing is only vmail@domain.net is > repeatedly shown in the log. The error looks like this. > > *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client > connection sent too much data****Aug 24 22:46:02 orbitron dovecot: > doveadm(vmail@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net): > Fatal: Error reading configuration: read(/var/run/dovecot/config) > failed: read(size=8192) failed: Connection reset by peer*** > $ dovecot --version > 2.2.31 (65cde28) > > Dovecot #1: Linux kernel 4.9.36-x86_64 > Dovecot #2: Linux kernel 4.12.8-x86_64 > > Here are the latest Dovecot updates performed this year. > > [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3) > [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1) > [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 -> 2.2.30.2-1) > [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1) > > When Dovecot was last updated back on June 30, I did `systemctl > daemon-reload` but never actually restarted the Dovecot daemon until > what seems like today. The only thing I did today was edit > /etc/dovecot/conf.d/10-auth.conf by simply enabling > "*auth_username_format = %Lu*" which was commented out before I enabled > it. That is the /*only*/ thing that I tested. After I was done testing I > went back and commented out the same thing so it reads > "*#auth_username_format = %Lu*" and of course restarted Dovecot. I > really doubt this has anything to do with what I am reporting as auth is > not the problem in this case. > > > Thank You, > > Tony > Can you provide doveconf -n. Also auth_username_format=%Lu*, why *? Aki</tony@kode.email>
Hello, Absolutely. Here is the output of doveconf -n: # doveconf -n # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.19 (e5c7051) # OS: Linux 4.9.36-x86_64-linodexx x86_64 Arch Linux auth_mechanisms = plain login base_dir = /var/run/dovecot/ dict { expire = ldap:/etc/dovecot/dovecot-ldap.conf.ext quota = ldap:/etc/dovecot/dovecot-ldap.conf.ext } doveadm_password = # hidden, use -P to show it doveadm_port = 4343 mail_attachment_hash = %{sha256} mail_gid = vmail mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/ mail_plugins = " mailbox_alias acl quota stats mail_log notify replication" mail_privileged_group = mail mail_uid = vmail mailbox_list_index = yes maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext spamtest spamtestplus namespace inbox { inbox = yes location = mailbox Archive { special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Flagged { special_use = \Flagged } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox virtual/All { auto = no special_use = \All } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size mail_replica = tcp:orbitron.domain.net:4343 quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=2G quota_rule2 = Trash:storage=+10%% quota_rule3 = Spam:storage=+20%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=100%% quota-warning +100 %u quota_warning2 = storage=95%% quota-warning +95 %u quota_warning3 = storage=80%% quota-warning +80 %u quota_warning4 = -storage=100%% quota-warning -100 %u sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +spamtest +spamtestplus +relational +comparator-i;ascii-numeric stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service aggregator { fifo_listener replication-notify-fifo { mode = 0666 user = vmail } unix_listener replication-notify { mode = 0666 user = vmail } } service auth { unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service config { unix_listener config { user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } user = root } service doveadm { inet_listener { port = 4343 } user = vmail } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { address = 66.175.xxx.xx 192.168.176.128 127.0.0.1 ::1 port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 vsz_limit = 64 M } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0666 } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = </etc/dovecot/ssl/STAR_domain_net.ca-bundle ssl_cert = </etc/dovecot/ssl/STAR_domain_net.crt ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = home=/home/vmail/%d/%u driver = ldap } protocol lmtp { mail_plugins = " mailbox_alias acl quota stats mail_log notify replication sieve" postmaster_address = postmaster@domain.email } protocol lda { mail_plugins = sieve quota postmaster_address = postmaster@domain.email syslog_facility = mail } protocol imap { mail_max_userip_connections = 10 mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = " mailbox_alias acl quota stats mail_log notify replication imap_quota" } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_max_line_length = 65536 } The posted Dovecot configs are identical on both this host and the replica host. The only thing I tested but reverted was enabling `auth_username_format=%Lu` because I wanted to test logging in with username@domain which did work just fine, but I wanted to continue just logging in with only the username, so I commented the option and restarted dovecot so the option now looks like it does by default. #auth_username_format=%Lu Strange thing is that Dovecot appears to be working as expected (i.e still retrieving IMAP mail, can authenticate just fine, etc). Could this be a bug with my existing version of Dovecot? While spending time trying to resolve the annoying error I reported in the logs I looked over https://www.dovecot.org/doc/NEWS and only found 1 change for 2.2.32 related to Config: v2.2.32 2017-08-24 * config: Log a warning if plugin { key=no } is used explicitly. v2.3 will support "no" properly in plugin settings, but for now any value at all for a boolean plugin setting is treated as "yes", even if it's written as explicit "no". This change will now warn that it most likely won't work as intended. Thank You, Tony On 8/25/17 2:39 AM, Aki Tuomi wrote:
> On August 25, 2017 at 9:11 AM Tony <tony@kode.email> wrote: > > > Hello, > > Today I started noticing a very odd Dovecot error in the mail logs > across 2 replicated Dovecot hosts via dsync. I have searched the Dovecot > archives, Google, back tracked, downgraded Dovecot to earlier versions > from earlier this year and ruled everything out I could think of to no > avail. There really are not any helpful reports with what I am > specifically seeing. The strange thing is only vmail@domain.net is > repeatedly shown in the log. The error looks like this. > > *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client > connection sent too much data****Aug 24 22:46:02 orbitron dovecot: > doveadm(vmail@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net): > Fatal: Error reading configuration: read(/var/run/dovecot/config) > failed: read(size=8192) failed: Connection reset by peer*** > $ dovecot --version > 2.2.31 (65cde28) > > Dovecot #1: Linux kernel 4.9.36-x86_64 > Dovecot #2: Linux kernel 4.12.8-x86_64 > > Here are the latest Dovecot updates performed this year. > > [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3) > [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1) > [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 -> 2.2.30.2-1) > [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1) > > When Dovecot was last updated back on June 30, I did `systemctl > daemon-reload` but never actually restarted the Dovecot daemon until > what seems like today. The only thing I did today was edit > /etc/dovecot/conf.d/10-auth.conf by simply enabling > "*auth_username_format = %Lu*" which was commented out before I enabled > it. That is the /*only*/ thing that I tested. After I was done testing I > went back and commented out the same thing so it reads > "*#auth_username_format = %Lu*" and of course restarted Dovecot. I > really doubt this has anything to do with what I am reporting as auth is > not the problem in this case. > > > Thank You, > > Tony >
Can you provide doveconf -n.
Also auth_username_format=%Lu*, why *?
Aki</tony@kode.email>
Did some additional testing with these results. * Configured a new Dovecot host (copied over existing config from 1 of the replicated hosts. * Verified permissions on new host drwxr-xr-x 3 root root 4096 Aug 26 00:05 /etc/dovecot/ drwxr-xr-x 5 root dovecot 800 Aug 26 02:50 /var/run/dovecot/ Made sure address matches new host: service lmtp { user = vmail inet_listener lmtp { address = 173.xxx.xxx.xxx 192.xxx.xxx.xxx 127.0.0.1 ::1 port = 24 } Verified replication is unrelated from new host: replication plugin = disabled (no errors) replication plugin = enabled (same error on existing replicated host, but not new host) new host serving Dovecot by itself with no replication: no errors new host serving Dovecot with replication (target: existing replication host): no errors (but existing host still gives errors) existing host serving Dovecot with replication: errors existing host serving Dovecot by itself with no replication: errors New Working Dovecot Instance: # ll /var/run/dovecot/ total 4 srw------- 1 root root 0 Aug 26 01:50 anvil srw------- 1 root root 0 Aug 26 01:50 anvil-auth-penalty srw------- 1 dovecot root 0 Aug 26 01:50 auth-client srw------- 1 dovecot root 0 Aug 26 01:50 auth-login srw------- 1 root root 0 Aug 26 01:50 auth-master -rw------- 1 root root 32 Aug 26 01:50 auth-token-secret.dat srw-rw---- 1 vmail vmail 0 Aug 26 01:50 auth-userdb srw------- 1 dovecot root 0 Aug 26 01:50 auth-worker srw------- 1 vmail root 0 Aug 26 01:50 config srw-rw---- 1 vmail vmail 0 Aug 26 01:50 dict srw------- 1 root root 0 Aug 26 01:50 dict-async srw------- 1 root root 0 Aug 26 01:50 director-admin srw------- 1 root root 0 Aug 26 01:50 director-userdb srw-rw-rw- 1 root root 0 Aug 26 01:50 dns-client srw------- 1 root root 0 Aug 26 01:50 doveadm-server lrwxrwxrwx 1 root root 25 Aug 26 01:50 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 40 Aug 26 01:49 empty srw------- 1 root root 0 Aug 26 01:50 imap-hibernate srw------- 1 root root 0 Aug 26 01:50 imap-master srw-rw-rw- 1 root root 0 Aug 26 01:50 imap-urlauth srw------- 1 dovecot root 0 Aug 26 01:50 imap-urlauth-worker srw-rw-rw- 1 root root 0 Aug 26 01:50 indexer srw------- 1 dovecot root 0 Aug 26 01:50 indexer-worker srw------- 1 root root 0 Aug 26 01:50 ipc srw-rw-rw- 1 root root 0 Aug 26 01:50 lmtp srw------- 1 root root 0 Aug 26 01:50 log-errors drwxr-x--- 2 root dovenull 160 Aug 26 01:50 login srw------- 1 root root 0 Aug 26 01:50 master srw------- 1 vmail root 0 Aug 26 01:50 quota-warning srw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify prw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify-fifo srw------- 1 dovecot root 0 Aug 26 01:50 replicator srw-rw-rw- 1 dovecot root 0 Aug 26 01:50 replicator-doveadm srw-rw-rw- 1 root root 0 Aug 26 01:50 ssl-params srw------- 1 root root 0 Aug 26 01:50 stats prw------- 1 vmail root 0 Aug 26 02:47 stats-mail prw------- 1 root root 0 Aug 26 01:50 stats-user drwxr-x--- 2 root dovenull 80 Aug 26 01:50 token-login Existing replicated instance with errors: # ll /var/run/dovecot/ total 8 srw------- 1 root root 0 Aug 26 03:31 anvil srw------- 1 root root 0 Aug 26 03:31 anvil-auth-penalty srw------- 1 dovecot root 0 Aug 26 03:31 auth-client srw------- 1 dovecot root 0 Aug 26 03:31 auth-login srw------- 1 root root 0 Aug 26 03:31 auth-master -rw------- 1 root root 32 Aug 26 02:11 auth-token-secret.dat srw-rw---- 1 vmail vmail 0 Aug 26 03:31 auth-userdb srw------- 1 dovecot root 0 Aug 26 03:31 auth-worker srw------- 1 vmail root 0 Aug 26 03:31 config srw-rw---- 1 vmail vmail 0 Aug 26 03:31 dict srw------- 1 root root 0 Aug 26 03:31 dict-async srw------- 1 root root 0 Aug 26 03:31 director-admin srw------- 1 root root 0 Aug 26 03:31 director-userdb srw-rw-rw- 1 root root 0 Aug 26 03:31 dns-client srw------- 1 root root 0 Aug 26 03:31 doveadm-server lrwxrwxrwx 1 root root 25 Aug 26 03:31 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 40 Aug 26 02:11 empty srw------- 1 root root 0 Aug 26 03:31 imap-hibernate srw------- 1 root root 0 Aug 26 03:31 imap-master srw-rw-rw- 1 root root 0 Aug 26 03:31 imap-urlauth srw------- 1 dovecot root 0 Aug 26 03:31 imap-urlauth-worker srw-rw-rw- 1 root root 0 Aug 26 03:31 indexer srw------- 1 dovecot root 0 Aug 26 03:31 indexer-worker srw------- 1 root root 0 Aug 26 03:31 ipc srw-rw-rw- 1 root root 0 Aug 26 03:31 lmtp srw------- 1 root root 0 Aug 26 03:31 log-errors drwxr-x--- 2 root dovenull 160 Aug 26 03:31 login srw------- 1 root root 0 Aug 26 03:31 master -rw------- 1 root root 5 Aug 26 03:31 master.pid srw------- 1 vmail root 0 Aug 26 03:31 quota-warning srw-rw-rw- 1 vmail root 0 Aug 26 03:31 replication-notify prw-rw-rw- 1 vmail root 0 Aug 26 03:44 replication-notify-fifo srw------- 1 dovecot root 0 Aug 26 03:31 replicator srw-rw-rw- 1 dovecot root 0 Aug 26 03:31 replicator-doveadm srw-rw-rw- 1 root root 0 Aug 26 03:31 ssl-params srw------- 1 root root 0 Aug 26 03:31 stats prw------- 1 vmail root 0 Aug 26 03:44 stats-mail prw------- 1 root root 0 Aug 26 03:31 stats-user drwxr-x--- 2 root dovenull 80 Aug 26 03:31 token-login The 2 existing replicated hosts continue to spit out the error ~5 min. The new host running the same Dovecot version on the same OS/distro did not get errors with and without replication. I have compared configs and permissions on both hosts which are identical and can't seem to find any distinct differences that would help explain the error. I have also tried clearing out Dovecot's index files on the 2 problematic hosts to no avail using: systemctl stop dovecot find "$home" -type f -name dovecot.index -delete find "$home" -type f -name dovecot.index.cache -delete find "$home" -type f -name dovecot.index.log -delete find "$home" -type f -name dovecot.index.log.2 -delete systemctl start dovecot Clearing the index files made no different as the error continues ~5 min. I can't wrap my head around this one and am not sure what else to try. - Tony On 8/25/17 9:40 AM, Tony wrote:
Hello,
Absolutely. Here is the output of doveconf -n:
# doveconf -n # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.19 (e5c7051) # OS: Linux 4.9.36-x86_64-linodexx x86_64 Arch Linux auth_mechanisms = plain login base_dir = /var/run/dovecot/ dict { expire = ldap:/etc/dovecot/dovecot-ldap.conf.ext quota = ldap:/etc/dovecot/dovecot-ldap.conf.ext } doveadm_password = # hidden, use -P to show it doveadm_port = 4343 mail_attachment_hash = %{sha256} mail_gid = vmail mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/ mail_plugins = " mailbox_alias acl quota stats mail_log notify replication" mail_privileged_group = mail mail_uid = vmail mailbox_list_index = yes maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext spamtest spamtestplus namespace inbox { inbox = yes location = mailbox Archive { special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Flagged { special_use = \Flagged } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox virtual/All { auto = no special_use = \All } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size mail_replica = tcp:orbitron.domain.net:4343 quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=2G quota_rule2 = Trash:storage=+10%% quota_rule3 = Spam:storage=+20%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=100%% quota-warning +100 %u quota_warning2 = storage=95%% quota-warning +95 %u quota_warning3 = storage=80%% quota-warning +80 %u quota_warning4 = -storage=100%% quota-warning -100 %u sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +spamtest +spamtestplus +relational +comparator-i;ascii-numeric stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service aggregator { fifo_listener replication-notify-fifo { mode = 0666 user = vmail } unix_listener replication-notify { mode = 0666 user = vmail } } service auth { unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service config { unix_listener config { user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } user = root } service doveadm { inet_listener { port = 4343 } user = vmail } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { address = 66.175.xxx.xx 192.168.176.128 127.0.0.1 ::1 port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 vsz_limit = 64 M } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0666 } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = </etc/dovecot/ssl/STAR_domain_net.ca-bundle ssl_cert = </etc/dovecot/ssl/STAR_domain_net.crt ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = home=/home/vmail/%d/%u driver = ldap } protocol lmtp { mail_plugins = " mailbox_alias acl quota stats mail_log notify replication sieve" postmaster_address = postmaster@domain.email } protocol lda { mail_plugins = sieve quota postmaster_address = postmaster@domain.email syslog_facility = mail } protocol imap { mail_max_userip_connections = 10 mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = " mailbox_alias acl quota stats mail_log notify replication imap_quota" } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_max_line_length = 65536 }
The posted Dovecot configs are identical on both this host and the replica host. The only thing I tested but reverted was enabling `auth_username_format=%Lu` because I wanted to test logging in with username@domain which did work just fine, but I wanted to continue just logging in with only the username, so I commented the option and restarted dovecot so the option now looks like it does by default.
#auth_username_format=%Lu
Strange thing is that Dovecot appears to be working as expected (i.e still retrieving IMAP mail, can authenticate just fine, etc). Could this be a bug with my existing version of Dovecot?
While spending time trying to resolve the annoying error I reported in the logs I looked over https://www.dovecot.org/doc/NEWS and only found 1 change for 2.2.32 related to Config:
v2.2.32 2017-08-24 * config: Log a warning if plugin { key=no } is used explicitly. v2.3 will support "no" properly in plugin settings, but for now any value at all for a boolean plugin setting is treated as "yes", even if it's written as explicit "no". This change will now warn that it most likely won't work as intended.
Thank You, Tony
On 8/25/17 2:39 AM, Aki Tuomi wrote:
> On August 25, 2017 at 9:11 AM Tony <tony@kode.email> wrote: > > > Hello, > > Today I started noticing a very odd Dovecot error in the mail logs > across 2 replicated Dovecot hosts via dsync. I have searched the Dovecot > archives, Google, back tracked, downgraded Dovecot to earlier versions > from earlier this year and ruled everything out I could think of to no > avail. There really are not any helpful reports with what I am > specifically seeing. The strange thing is only vmail@domain.net is > repeatedly shown in the log. The error looks like this. > > *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client > connection sent too much data****Aug 24 22:46:02 orbitron dovecot: > doveadm(vmail@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net): > Fatal: Error reading configuration: read(/var/run/dovecot/config) > failed: read(size=8192) failed: Connection reset by peer*** > $ dovecot --version > 2.2.31 (65cde28) > > Dovecot #1: Linux kernel 4.9.36-x86_64 > Dovecot #2: Linux kernel 4.12.8-x86_64 > > Here are the latest Dovecot updates performed this year. > > [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3) > [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1) > [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 -> 2.2.30.2-1) > [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1) > > When Dovecot was last updated back on June 30, I did `systemctl > daemon-reload` but never actually restarted the Dovecot daemon until > what seems like today. The only thing I did today was edit > /etc/dovecot/conf.d/10-auth.conf by simply enabling > "*auth_username_format = %Lu*" which was commented out before I enabled > it. That is the /*only*/ thing that I tested. After I was done testing I > went back and commented out the same thing so it reads > "*#auth_username_format = %Lu*" and of course restarted Dovecot. I > really doubt this has anything to do with what I am reporting as auth is > not the problem in this case. > > > Thank You, > > Tony >
Can you provide doveconf -n.
Also auth_username_format=%Lu*, why *?
Aki</tony@kode.email>
It looks like the issue is fixed. It seems for whatever reason when I edited 10-auth.conf to uncomment auth_username_format = %Lu -- at some point the var was changed using an invalid format and Dovecot restarted. When auth_username_format had valid defined vars and Dovecot restarted, /var/lib/dovecot did not 'update' from what I could tell. It looks like /var/lib/dovecot somehow did not know about the updated correction made and even when having the option commented out as it continued to spit out errors ~5 min. Ultimately stopping dovecot and moving aside /var/lib/dovecot to dovecot.problem, then starting dovecot recreated /var/lib/dovecot. This now results in no more errors. Everything is good again. Sorry for the noise. Cheers, Tony > /etc/dovecot/conf.d/10-auth.conf by simply enabling > "*auth_username_format = %Lu*" On 8/26/17 3:58 AM, Tony wrote:
Did some additional testing with these results.
* Configured a new Dovecot host (copied over existing config from 1 of the replicated hosts. * Verified permissions on new host
drwxr-xr-x 3 root root 4096 Aug 26 00:05 /etc/dovecot/ drwxr-xr-x 5 root dovecot 800 Aug 26 02:50 /var/run/dovecot/
Made sure address matches new host:
service lmtp { user = vmail inet_listener lmtp { address = 173.xxx.xxx.xxx 192.xxx.xxx.xxx 127.0.0.1 ::1 port = 24 }
Verified replication is unrelated from new host:
replication plugin = disabled (no errors) replication plugin = enabled (same error on existing replicated host, but not new host)
new host serving Dovecot by itself with no replication: no errors new host serving Dovecot with replication (target: existing replication host): no errors (but existing host still gives errors)
existing host serving Dovecot with replication: errors existing host serving Dovecot by itself with no replication: errors
New Working Dovecot Instance:
# ll /var/run/dovecot/ total 4 srw------- 1 root root 0 Aug 26 01:50 anvil srw------- 1 root root 0 Aug 26 01:50 anvil-auth-penalty srw------- 1 dovecot root 0 Aug 26 01:50 auth-client srw------- 1 dovecot root 0 Aug 26 01:50 auth-login srw------- 1 root root 0 Aug 26 01:50 auth-master -rw------- 1 root root 32 Aug 26 01:50 auth-token-secret.dat srw-rw---- 1 vmail vmail 0 Aug 26 01:50 auth-userdb srw------- 1 dovecot root 0 Aug 26 01:50 auth-worker srw------- 1 vmail root 0 Aug 26 01:50 config srw-rw---- 1 vmail vmail 0 Aug 26 01:50 dict srw------- 1 root root 0 Aug 26 01:50 dict-async srw------- 1 root root 0 Aug 26 01:50 director-admin srw------- 1 root root 0 Aug 26 01:50 director-userdb srw-rw-rw- 1 root root 0 Aug 26 01:50 dns-client srw------- 1 root root 0 Aug 26 01:50 doveadm-server lrwxrwxrwx 1 root root 25 Aug 26 01:50 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 40 Aug 26 01:49 empty srw------- 1 root root 0 Aug 26 01:50 imap-hibernate srw------- 1 root root 0 Aug 26 01:50 imap-master srw-rw-rw- 1 root root 0 Aug 26 01:50 imap-urlauth srw------- 1 dovecot root 0 Aug 26 01:50 imap-urlauth-worker srw-rw-rw- 1 root root 0 Aug 26 01:50 indexer srw------- 1 dovecot root 0 Aug 26 01:50 indexer-worker srw------- 1 root root 0 Aug 26 01:50 ipc srw-rw-rw- 1 root root 0 Aug 26 01:50 lmtp srw------- 1 root root 0 Aug 26 01:50 log-errors drwxr-x--- 2 root dovenull 160 Aug 26 01:50 login srw------- 1 root root 0 Aug 26 01:50 master srw------- 1 vmail root 0 Aug 26 01:50 quota-warning srw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify prw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify-fifo srw------- 1 dovecot root 0 Aug 26 01:50 replicator srw-rw-rw- 1 dovecot root 0 Aug 26 01:50 replicator-doveadm srw-rw-rw- 1 root root 0 Aug 26 01:50 ssl-params srw------- 1 root root 0 Aug 26 01:50 stats prw------- 1 vmail root 0 Aug 26 02:47 stats-mail prw------- 1 root root 0 Aug 26 01:50 stats-user drwxr-x--- 2 root dovenull 80 Aug 26 01:50 token-login
Existing replicated instance with errors:
# ll /var/run/dovecot/ total 8 srw------- 1 root root 0 Aug 26 03:31 anvil srw------- 1 root root 0 Aug 26 03:31 anvil-auth-penalty srw------- 1 dovecot root 0 Aug 26 03:31 auth-client srw------- 1 dovecot root 0 Aug 26 03:31 auth-login srw------- 1 root root 0 Aug 26 03:31 auth-master -rw------- 1 root root 32 Aug 26 02:11 auth-token-secret.dat srw-rw---- 1 vmail vmail 0 Aug 26 03:31 auth-userdb srw------- 1 dovecot root 0 Aug 26 03:31 auth-worker srw------- 1 vmail root 0 Aug 26 03:31 config srw-rw---- 1 vmail vmail 0 Aug 26 03:31 dict srw------- 1 root root 0 Aug 26 03:31 dict-async srw------- 1 root root 0 Aug 26 03:31 director-admin srw------- 1 root root 0 Aug 26 03:31 director-userdb srw-rw-rw- 1 root root 0 Aug 26 03:31 dns-client srw------- 1 root root 0 Aug 26 03:31 doveadm-server lrwxrwxrwx 1 root root 25 Aug 26 03:31 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 40 Aug 26 02:11 empty srw------- 1 root root 0 Aug 26 03:31 imap-hibernate srw------- 1 root root 0 Aug 26 03:31 imap-master srw-rw-rw- 1 root root 0 Aug 26 03:31 imap-urlauth srw------- 1 dovecot root 0 Aug 26 03:31 imap-urlauth-worker srw-rw-rw- 1 root root 0 Aug 26 03:31 indexer srw------- 1 dovecot root 0 Aug 26 03:31 indexer-worker srw------- 1 root root 0 Aug 26 03:31 ipc srw-rw-rw- 1 root root 0 Aug 26 03:31 lmtp srw------- 1 root root 0 Aug 26 03:31 log-errors drwxr-x--- 2 root dovenull 160 Aug 26 03:31 login srw------- 1 root root 0 Aug 26 03:31 master -rw------- 1 root root 5 Aug 26 03:31 master.pid srw------- 1 vmail root 0 Aug 26 03:31 quota-warning srw-rw-rw- 1 vmail root 0 Aug 26 03:31 replication-notify prw-rw-rw- 1 vmail root 0 Aug 26 03:44 replication-notify-fifo srw------- 1 dovecot root 0 Aug 26 03:31 replicator srw-rw-rw- 1 dovecot root 0 Aug 26 03:31 replicator-doveadm srw-rw-rw- 1 root root 0 Aug 26 03:31 ssl-params srw------- 1 root root 0 Aug 26 03:31 stats prw------- 1 vmail root 0 Aug 26 03:44 stats-mail prw------- 1 root root 0 Aug 26 03:31 stats-user drwxr-x--- 2 root dovenull 80 Aug 26 03:31 token-login
The 2 existing replicated hosts continue to spit out the error ~5 min. The new host running the same Dovecot version on the same OS/distro did not get errors with and without replication. I have compared configs and permissions on both hosts which are identical and can't seem to find any distinct differences that would help explain the error. I have also tried clearing out Dovecot's index files on the 2 problematic hosts to no avail using:
systemctl stop dovecot find "$home" -type f -name dovecot.index -delete find "$home" -type f -name dovecot.index.cache -delete find "$home" -type f -name dovecot.index.log -delete find "$home" -type f -name dovecot.index.log.2 -delete systemctl start dovecot
Clearing the index files made no different as the error continues ~5 min.
I can't wrap my head around this one and am not sure what else to try.
- Tony
On 8/25/17 9:40 AM, Tony wrote:
Hello,
Absolutely. Here is the output of doveconf -n:
# doveconf -n # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.19 (e5c7051) # OS: Linux 4.9.36-x86_64-linodexx x86_64 Arch Linux auth_mechanisms = plain login base_dir = /var/run/dovecot/ dict { expire = ldap:/etc/dovecot/dovecot-ldap.conf.ext quota = ldap:/etc/dovecot/dovecot-ldap.conf.ext } doveadm_password = # hidden, use -P to show it doveadm_port = 4343 mail_attachment_hash = %{sha256} mail_gid = vmail mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/ mail_plugins = " mailbox_alias acl quota stats mail_log notify replication" mail_privileged_group = mail mail_uid = vmail mailbox_list_index = yes maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext spamtest spamtestplus namespace inbox { inbox = yes location = mailbox Archive { special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Flagged { special_use = \Flagged } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox virtual/All { auto = no special_use = \All } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size mail_replica = tcp:orbitron.domain.net:4343 quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=2G quota_rule2 = Trash:storage=+10%% quota_rule3 = Spam:storage=+20%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=100%% quota-warning +100 %u quota_warning2 = storage=95%% quota-warning +95 %u quota_warning3 = storage=80%% quota-warning +80 %u quota_warning4 = -storage=100%% quota-warning -100 %u sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +spamtest +spamtestplus +relational +comparator-i;ascii-numeric stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service aggregator { fifo_listener replication-notify-fifo { mode = 0666 user = vmail } unix_listener replication-notify { mode = 0666 user = vmail } } service auth { unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service config { unix_listener config { user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } user = root } service doveadm { inet_listener { port = 4343 } user = vmail } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { address = 66.175.xxx.xx 192.168.176.128 127.0.0.1 ::1 port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 vsz_limit = 64 M } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0666 } } service stats { fifo_listener stats-mail { mode = 0600 user = vmail } } ssl_ca = </etc/dovecot/ssl/STAR_domain_net.ca-bundle ssl_cert = </etc/dovecot/ssl/STAR_domain_net.crt ssl_key = # hidden, use -P to show it userdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = home=/home/vmail/%d/%u driver = ldap } protocol lmtp { mail_plugins = " mailbox_alias acl quota stats mail_log notify replication sieve" postmaster_address = postmaster@domain.email } protocol lda { mail_plugins = sieve quota postmaster_address = postmaster@domain.email syslog_facility = mail } protocol imap { mail_max_userip_connections = 10 mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = " mailbox_alias acl quota stats mail_log notify replication imap_quota" } protocol sieve { mail_max_userip_connections = 10 managesieve_implementation_string = Dovecot Pigeonhole managesieve_max_line_length = 65536 }
The posted Dovecot configs are identical on both this host and the replica host. The only thing I tested but reverted was enabling `auth_username_format=%Lu` because I wanted to test logging in with username@domain which did work just fine, but I wanted to continue just logging in with only the username, so I commented the option and restarted dovecot so the option now looks like it does by default.
#auth_username_format=%Lu
Strange thing is that Dovecot appears to be working as expected (i.e still retrieving IMAP mail, can authenticate just fine, etc). Could this be a bug with my existing version of Dovecot?
While spending time trying to resolve the annoying error I reported in the logs I looked over https://www.dovecot.org/doc/NEWS and only found 1 change for 2.2.32 related to Config:
v2.2.32 2017-08-24 * config: Log a warning if plugin { key=no } is used explicitly. v2.3 will support "no" properly in plugin settings, but for now any value at all for a boolean plugin setting is treated as "yes", even if it's written as explicit "no". This change will now warn that it most likely won't work as intended.
Thank You, Tony
On 8/25/17 2:39 AM, Aki Tuomi wrote:
> On August 25, 2017 at 9:11 AM Tony <tony@kode.email> wrote: > > > Hello, > > Today I started noticing a very odd Dovecot error in the mail logs > across 2 replicated Dovecot hosts via dsync. I have searched the Dovecot > archives, Google, back tracked, downgraded Dovecot to earlier versions > from earlier this year and ruled everything out I could think of to no > avail. There really are not any helpful reports with what I am > specifically seeing. The strange thing is only vmail@domain.net is > repeatedly shown in the log. The error looks like this. > > *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client > connection sent too much data****Aug 24 22:46:02 orbitron dovecot: > doveadm(vmail@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net@domain.net): > Fatal: Error reading configuration: read(/var/run/dovecot/config) > failed: read(size=8192) failed: Connection reset by peer*** > $ dovecot --version > 2.2.31 (65cde28) > > Dovecot #1: Linux kernel 4.9.36-x86_64 > Dovecot #2: Linux kernel 4.12.8-x86_64 > > Here are the latest Dovecot updates performed this year. > > [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3) > [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1) > [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 -> 2.2.30.2-1) > [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1) > > When Dovecot was last updated back on June 30, I did `systemctl > daemon-reload` but never actually restarted the Dovecot daemon until > what seems like today. The only thing I did today was edit > /etc/dovecot/conf.d/10-auth.conf by simply enabling > "*auth_username_format = %Lu*" which was commented out before I enabled > it. That is the /*only*/ thing that I tested. After I was done testing I > went back and commented out the same thing so it reads > "*#auth_username_format = %Lu*" and of course restarted Dovecot. I > really doubt this has anything to do with what I am reporting as auth is > not the problem in this case. > > > Thank You, > > Tony >
Can you provide doveconf -n.
Also auth_username_format=%Lu*, why *?
Aki</tony@kode.email>
participants (2)
-
Aki Tuomi
-
Tony