Dovecot auth-worker error after cram-md5 auth

Poliman - Serwis serwis at poliman.pl
Wed Feb 1 06:18:35 UTC 2017 

This is debug log files in syslog:
Feb  1 07:10:25 vps342401 dovecot: auth: Debug: client passdb out:
CONT#0112#011PDAxODg3ODIzMTUwMzgxNzMuMTQ4NTkyOTQyNUB2cHMzNDI0MDEub3ZoLm5ldD4=
Feb  1 07:10:26 vps342401 dovecot: auth: Debug: client in: CONT<hidden>
Feb  1 07:10:26 vps342401 dovecot: auth-worker(27069): Debug: sql(
do_not_reply at example.com,12.173.211.32): query: SELECT email as user,
password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir,
'/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail,
uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS
userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM
mail_user WHERE (login = 'do_not_reply at example.com' OR email = '
do_not_reply at example.com') AND `disablesmtp` = 'n' AND server_id = '1'
Feb  1 07:10:26 vps342401 dovecot: auth-worker(27069): password(
do_not_reply at example.com, 12.173.211.32): Requested CRAM-MD5 scheme, but we
have only CRYPT
Feb  1 07:10:28 vps342401 dovecot: auth: Debug: client passdb out:
FAIL#0112#011user=do_not_reply at example.com
Feb  1 07:10:28 vps342401 postfix/smtps/smtpd[27067]: warning:
host23131.internet.3s.com[12.173.211.32]: SASL CRAM-MD5 authentication
failed: PDAxODg3ODIzMTUwMzgxNzMuMTQ4NTkyOTQyNUB2cHMzNDI0MDEub3ZoLm5ldD4=
Feb  1 07:11:02 vps342401 CRON[27074]: (root) CMD
(/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo
`/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Feb  1 07:11:02 vps342401 CRON[27075]: (root) CMD
(/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo
`/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
Feb  1 07:11:11 vps342401 dovecot: auth: Debug: client in:
AUTH#0113#011CRAM-MD5#011service=smtp#011nologin#011lip=173.72.31.7#011rip=12.173.211.32#011secured
Feb  1 07:11:11 vps342401 dovecot: auth: Debug: client passdb out:
CONT#0113#011PDE3NDg1NjE4MTgxNTk2OTAuMTQ4NTkyOTQ3MUB2cHMzNDI0MDEub3ZoLm5ldD4=
Feb  1 07:11:11 vps342401 dovecot: auth: Debug: client in: CONT<hidden>
Feb  1 07:11:11 vps342401 dovecot: auth-worker(27069): Debug: sql(
do_not_reply at example.com,12.173.211.32): query: SELECT email as user,
password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir,
'/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail,
uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS
userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM
mail_user WHERE (login = 'do_not_reply at example.com' OR email = '
do_not_reply at example.com') AND `disablesmtp` = 'n' AND server_id = '1'
Feb  1 07:11:11 vps342401 dovecot: auth-worker(27069): password(
do_not_reply at example.com,12.173.211.32): Requested CRAM-MD5 scheme, but we
have only CRYPT
Feb  1 07:11:13 vps342401 dovecot: auth: Debug: client passdb out:
FAIL#0113#011user=do_not_reply at example.com



#####################
I added in dovecot.conf lines in passdb block:
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
and commented out default lines
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
When I try set again default lines I got above error


2017-01-31 8:08 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:

>
>
> On 31.01.2017 09:06, Poliman - Serwis wrote:
> > I set up cram-md5 using this tutorial
> > https://wiki2.dovecot.org/HowTo/CRAM-MD5 in /etc/dovecot/dovecot.conf in
> > passdb code block:
> > listen = *,[::]
> > protocols = imap pop3
> > #auth_mechanisms = plain login cram-md5
> > auth_mechanisms = cram-md5 plain login
> > #dodana nizej linia
> > ssl = required
> > disable_plaintext_auth = yes
> > log_timestamp = "%Y-%m-%d %H:%M:%S "
> > mail_privileged_group = vmail
> > postmaster_address = postmaster at vps342401.ovh.net
> > ssl_cert = </etc/postfix/smtpd.cert
> > ssl_key = </etc/postfix/smtpd.key
> > ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
> > ssl_cipher_list =
> > ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
> ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384[image:
> > :D]HE-RSA-AES128-GCM-SHA256[image: :D]HE-DSS-AES$
> > ssl_prefer_server_ciphers = yes
> > ssl_dh_parameters_length = 2048
> >
> >
> > mail_max_userip_connections = 100
> > passdb {
> > # args = /etc/dovecot/dovecot-sql.conf
> > # driver = sql
> > driver = passwd-file
> > args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> > }
> > userdb {
> > driver = prefetch
> > }
> > userdb {
> > args = /etc/dovecot/dovecot-sql.conf
> > driver = sql
> > }
> > Of course I created cram-md5.pwd file. All mails go out and come nicely.
> > But after I want to do default settings by commented out these two lines:
> > driver = passwd-file
> > args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> > and uncomment
> > # args = /etc/dovecot/dovecot-sql.conf
> > # driver = sql
> > I can't send emails - I use Thunderbird - get error "logging on server
> > mail.example.com not work out". Error in logs:
> > dovecot: auth-worker(22698): Error: Auth worker sees different
> > passdbs/userdbs than auth server.
> > dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
> >
> > Is it possible that hashed password from cram-md5.pwd file was written to
> > database (if yes then where - I have ISPconfig)? I wasn't change any
> userdb
> > {} block and this second userdb block has this same lines like default
> > settings in passdb block.
> >
> Try
>
> auth_debug=yes
> auth_verbose=yes
>
> and see if it gives any more reasonable messages.
>
> Aki
>



-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*serwis at poliman.pl <serwis at poliman.pl>*

More information about the dovecot mailing list