[Dovecot] Dovecot-auth timeouts
Javier Fox
jfox at corp.spiritone.com
Wed Dec 24 00:50:01 EET 2008
Hello,
I've unfortunately been unable to find anything relating to the problem I'm having specifically, in searching the list or google, and so I now plead to you to assistance.
I'm running Dovecot as an LDA and SASL auth for Postfix on a Debian 4 box. Dovecot is version 1.0.rc15 (the official debian pkg version).
The problem I'm running into is this. After some time of running (lately it's been as little as 5 minutes), I start to see the following errors in dovecot.log:
deliver(user at domain.com): "Dec 23 14:38:47 "Error: User request from dovecot-auth timed out
deliver(anotheruser at domain.com): "Dec 23 14:38:48 "Error: User request from dovecot-auth timed out
Postfix responds to these by simply deferring the messages. Dovecot itself, however, begins to return 'Authentication failed' messages after significant lag time (sometimes greater than 30s):
Connected to localhost.
Escape character is '^]'.
+OK Dovecot-POP
user username
+OK
pass mypassword
-ERR Authentication failed.
Now, for authentication, Dovecot is using LDAP on the local server. The only additional information I can find pertaining to these errors is the following from slapd.log:
slapd[22593]: connection_input: conn=6 deferring operation: pending operations
These messages correspond 1-to-1 to the above 'deliver' errors, where 'conn' is always the same number. Restarting dovecot and ldap resolves the issue for a few minutes, but sure enough the errors start flowing again.
I'm really at the end of my rope on this, as nothing I do seems to help. I have a good 500+ customers being effected by this as well, and they're all none too pleased by it. If this is something that will absolutely be resolved by upgrading from source, that is doable, but we'd prefer to stick with the official package version if possible.
Dovecot configs follow
Thanks,
J. Fox
----- configs follow -----
dovecot.conf
------------
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
mail_debug = no
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
protocol lda {
postmaster_address = postmaster at spiritone.com
auth_socket_path = /var/run/dovecot/auth-master
log_path = /var/log/dovecot.log
info_log_path = /var/log/mail.info
}
listen = *
shutdown_clients = yes
mmap_disable = yes
lock_method = dotlock
maildir_copy_with_hardlinks = no
log_path = /var/log/dovecot.log
info_log_path = /var/log/mail.log
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
auth_default_realm = involved.com
disable_plaintext_auth = no
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
login_chroot = yes
valid_chroot_dirs = /home/vmail/
login_user = postfix
login_process_per_connection = yes
login_processes_count = 2
login_max_processes_count = 64
login_max_connections = 128
login_greeting = Involved
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
default_mail_env = maildir:/home/vmail/domains/%d/%u
first_valid_uid = 103
pop3_uidl_format = %08Xu%08Xv
auth_cache_size = 10485760
auth_cache_ttl = 3600
auth_worker_max_count = 10
#auth_worker_max_request_count = 50
auth default {
mechanisms = PLAIN LOGIN
passdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
userdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0666
user = vmail
group = vmail
}
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
user = vmail
}
dovecot-ldap.conf
-----------------
hosts = localhost
auth_bind = yes
auth_bind_userdn = cn=%n,ou=%d,ou=mail,dc=domain,dc=com
ldap_version = 3
base = ou=mail,dc=domain,dc=com
dn = cn=Manager,dc=domain,dc=com
dnpass = secret
deref = never
scope = subtree
pass_attrs = mail=user,userPassword=password
user_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u))
pass_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u))
user_global_uid = 1001
user_global_gid = 1001
---end---
More information about the dovecot
mailing list