lejeczek peljasz at yahoo.co.uk
Tue Jun 23 09:36:26 UTC 2015

On 23/06/15 08:19, Daniel Tröder wrote:
> On 22.06.2015 at 18:21, lejeczek wrote:
>> On 22/06/15 09:16, lejeczek wrote:
>>> dear all
>>> I have a postfix relaying to dovecot's lda but "strangely" it does not
>>> work, I mean I imagine it's me doing something wrong, yet I cannot
>>> figure out what.
>>> postfix logs:
>>> to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot,
>>> delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred
>>> (temporary failure)
>>> and dovecot logs no error, despite having debug set to yes in a couple of
>>> places,
>>> it shows:
>>> auth: Debug: master in: USER    1    me at my.domain    service=lda
>>> auth-worker(25343): Debug: passwd(me at my.domain): lookup
>>> auth-worker(25343): passwd(me at my.domain): unknown user
>>> auth: Debug: ldap(me at my.domain): user search:
>>> base=ou=People,dc=my,dc=domain scope=subtree
>>> filter=(&(objectClass=person)(uid=me)) fields=
>>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top,
>>> ... here goes the whole lot of ldap attribs, and at the end:
>>> unused.
>>> For passdb & userdb in the configs I only configure ldap backend,
>>> nothing else. Ldap works, I can query it without failing.
>>> I believe it's very simple set up but I must be wrong somewhere.
>>> pass_filter = (&(objectClass=posixAccount)(uid=%n))
>>> pass_attrs = uid=user=%n,userPassword=password
>>> user_attrs = =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n
>>> user_filter = (&(objectClass=person)(uid=%n))
>>> Any suggestions are very much appreciated.
>>> thanks
>> The strange thing is that an IMAP client authenticates just fine. The only
>> problems are when sending messages with smtp/postfix.
> I had a similar problem. It turned out that when the message comes from
> Postfix, the identifier is an email address (surprise ;) and not a
> username, so my LDAP query looks similar to this:
> user_filter = (&(objectClass=person)(|(uid=%u)(email=%u)))
> Anyway, when you set auth_verbose=yes and auth_debug=yes in
> 10-logging.conf, you'll see the exact LDAP query.
Yes, I've seen all the queries in my logs.
The thing is that I was all this time able to ldapsearch that query successfully.
When smtp sends, this gets to the logs:

auth: Debug: ldap(me at my.domain): pass search: filter=(&(objectclass=person)(|(uid=me)(mail=me at my.domain)))
auth: Debug: ldap(me at my.domain): result: uid=me userPassword=<hidden>; uid,userPassword unused
auth: Debug: ldap(me at my.domain): result: uid=me
auth: Fatal: master: service(auth): child 11831 killed with signal 11 (core dumped)

and dovecot is:
2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 Scientific Linux release 7.1 (Nitrogen) xfs
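
Added example (not part of the original message, and not Dovecot's own code): a Python model of how the %u, %n and %d variables expand into the LDAP filters discussed above, comparing a bare login name with the full address handed over by Postfix. The mail=%u template and the sample identities are constructed, and the RFC 4515 escaping step is an assumption of this example.

```python
# Added example: models Dovecot-style %u / %n / %d expansion in LDAP filters.
# Not Dovecot source; identities and the mail=%u template are constructed.

# RFC 4515 escapes for characters that are special inside a search filter.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\0": "\\00"}


def ldap_escape(value):
    """Escape a value before it is placed inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template, identity):
    """Expand %u (full identity), %n (local part), %d (domain) and %% (literal %)."""
    local, _, domain = identity.partition("@")
    values = {"u": identity, "n": local, "d": domain}
    out, i = [], 0
    while i < len(template):
        if template[i] == "%" and i + 1 < len(template):
            key = template[i + 1]
            if key == "%":
                out.append("%")
            elif key in values:
                out.append(ldap_escape(values[key]))
            else:
                raise ValueError("unsupported variable %" + key)
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


TEMPLATES = [
    "(&(objectClass=person)(uid=%n))",               # user_filter from the first message
    "(&(objectClass=person)(|(uid=%u)(email=%u)))",  # filter suggested in the reply
    "(&(objectclass=person)(|(uid=%n)(mail=%u)))",   # constructed: yields the logged filter
]

if __name__ == "__main__":
    # "me" models a login by bare username, "me@my.domain" the address Postfix passes on.
    for identity in ("me", "me@my.domain", "a*b@my.domain"):
        print(identity)
        for template in TEMPLATES:
            print("   ", expand_filter(template, identity))
```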

