[Dovecot] dovecot imap hangs

russ russ at cttechhosting.net
Tue Nov 27 03:12:47 EET 2007


It just happened again and Squirrelmail reported:

*ERROR: Connection dropped by IMAP server.

*I see no errors in /var/log/maillog and I get the same timeout 
happening in squirrelmail as well as thunderbird. Please help!!!

Russ
> All,
>
> I recently did a fresh install/setup on centos 5 to replace my older 
> courier-imap and all seemed to go well until today I started to notice 
> that it simply hangs. I use thunderbird and squirrel mail and after a 
> while it seems like I"m simply rejected. I'm almost guessing that it 
> has to do with the session timing out and then dovecot is unwilling or 
> unable to renew the session. I can't login and there is little or no 
> information in the logs. I've set up a cron job to restart dovecot 
> every 5 minutes to deal with this for now.
>
> I'm new to dovecot, what sort of info should I send to you guys?
>
> I'm using centos 5, qmail-ldap and Maildir for my mail format.
>
> OpenLDAP: slapd 2.3.27
> dovecot-1.0-1.2.rc15.el5
>
> my /etc/dovecot.conf
> ===================
> mail_location = maildir:%h
> namespace private {
>  prefix = INBOX.
>  inbox = yes
> }
> mail_debug = yes
> maildir_copy_with_hardlinks = yes
> auth default {
> mechanisms = plain
> passdb ldap {
>    # Path for LDAP configuration file, see doc/dovecot-ldap.conf for 
> example
>    args = /etc/dovecot-ldap.conf
>  }
> userdb ldap {
>        args = /etc/dovecot-ldap.conf
>  }
> }
> ===================
> my dovecot-ldap.conf
> ===================
>
> # This file is opened as root, so it should be owned by root and mode 
> 0600.
> #
> # NOTE: If you're not using authentication binds, you'll need to give
> # dovecot-auth read access to userPassword field in the LDAP server.
> # With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There 
> should
> # already be something like this:
>
> # access to attribute=userPassword
> #        by dn="<dovecot's dn>" read # add this
> #        by anonymous auth
> #        by self write
> #        by * none
>
> # Space separated list of LDAP hosts to use. host:port is allowed too.
> hosts =127.0.0.1:389
>
> # LDAP URIs to use. You can use this instead of hosts list. Note that 
> this
> # setting isn't supported by all LDAP libraries.
> #uris =
> # Distinguished Name - the username used to login to the LDAP server
> #dn = dn=cn=Manager,dc=cttechhosting,dc=net
> dnpass=secret
>
> # Password for LDAP server
> #dnpass =
> # Use SASL binding instead of the simple binding. Note that this changes
> # ldap_version automatically to be 3 if it's lower. Also note that 
> SASL binds
> # and auth_bind=yes don't work together.
> #sasl_bind = no
> # SASL mechanism name to use.
> #sasl_mech =
> # SASL realm to use.
> #sasl_realm =
> # SASL authorization ID, ie. the dnpass is for this "master user", but 
> the
> # dn is still the logged in user. Normally you want to keep this empty.
> #sasl_authz_id =
>
> # Use authentication binding for verifying password's validity. This 
> works by
> # logging into LDAP server using the username and password given by 
> client.
> # The pass_filter is used to find the DN for the user. Note that the 
> pass_attrs
> # is still used, only the password field is ignored in it. Before 
> doing any
> # search, the binding is switched back to the default DN.
> auth_bind = yes
>
> # If authentication binding is used, you can save one LDAP request per 
> login
> # if users' DN can be specified with a common template. The template 
> can use
> # the standard %variables (see user_filter). Note that you can't
> # use any pass_attrs if you use this setting.
> #
> # If you use this setting, it's a good idea to use a different
> # dovecot-ldap.conf for userdb (it can even be a symlink, just as long 
> as the
> # filename is different in userdb's args). That way one connection is 
> used only
> # for LDAP binds and another connection is used for user lookups. 
> Otherwise
> # the binding is changed to the default DN before each user lookup.
> #
> # For example:
> #   auth_bind_userdn = cn=%u,ou=people,o=org
> #
> auth_bind_userdn = uid=%u,ou=accounts,dc=cttechhosting,dc=net
>
> # LDAP protocol version to use. Likely 2 or 3.
> #ldap_version = 2
> ldap_version=3
>
> # LDAP base. %variables can be used here.
> base = ou=accounts,dc=cttechhosting,dc=net
>
> # Dereference: never, searching, finding, always
> #deref = never
>
> # Search scope: base, onelevel, subtree
> #scope = subtree
>
> # User attributes are given in LDAP-name=dovecot-internal-name list. The
> # internal names are:
> #   uid - System UID
> #   gid - System GID
> #   home - Home directory
> #   mail - Mail location
> #
> # There are also other special fields which can be returned, see
> # http://wiki.dovecot.org/UserDatabase/ExtraFields
> user_attrs = 
> mailMessageStore=home,qmailUID=uid,qmailGID=gid,mailMessageStore=mail
>
> # Filter for user lookup. Some variables can be used (see
> # http://wiki.dovecot.org/Variables for full list):
> #   %u - username
> #   %n - user part in user at domain, same as %u if there's no domain
> #   %d - domain part in user at domain, empty if user there's no domain
> user_filter = (&(objectClass=qmailUser)(uid=%u))
>
> # Password checking attributes:
> #  user: Virtual user name (user at domain), if you wish to change the
> #        user-given username to something else
> #  password: Password, may optionally start with {type}, eg. {crypt}
> # There are also other special fields which can be returned, see
> # http://wiki.dovecot.org/PasswordDatabase/ExtraFields
> pass_attrs = mail=user,userPassword=password
>
> # If you wish to avoid two LDAP lookups (passdb + userdb), you can use
> # userdb prefetch instead of userdb ldap in dovecot.conf. In that case 
> you'll
> # also have to include user_attrs in pass_attrs field prefixed with 
> "userdb_"
> # string. For example:
> #pass_attrs = 
> uid=user,userPassword=password,homeDirectory=userdb_home,qmailUID=userdb_uid,qmailGID=userdb_gid 
>
>
> # Filter for password lookups
> pass_filter = (&(objectClass=qmailUser)(uid=%u))
>
> # Default password scheme. "{scheme}" before password overrides this.
> # List of supported schemes is in: http://wiki.dovecot.org/Authentication
> default_pass_scheme = LDAP-SHA
>
> # You can use same UID and GID for all user accounts if you really 
> want to.
> # If the UID/GID is still found from LDAP reply, it overrides these 
> values.
> #user_global_uid = =========================
> #user_global_gid =
> ===================
>
>



More information about the dovecot mailing list