Dovecot auth-worker error after cram-md5 auth
Aki Tuomi
aki.tuomi at dovecot.fi
Fri Feb 3 16:38:12 UTC 2017
You could try install libsasl2-modules (on debian/ubuntu) or
cyrus-sasl-plain (on rhel/centos)
Aki
On 2017-02-01 10:55, Poliman - Serwis wrote:
> I haven't doveadm logs in /var/log/. Are they default in another place or
> maybe should I turn on something?
>
> My config (default passdb block and auth_mechanisms, nothing more changed):
> root at vps342401:/etc/dovecot# doveconf -n
> # 2.2.9: /etc/dovecot/dovecot.conf
> # OS: Linux 3.13.0-100-generic x86_64 Ubuntu 14.04.5 LTS
> auth_mechanisms = plain login
> listen = *,[::]
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> mail_max_userip_connections = 100
> mail_plugins = " quota"
> mail_privileged_group = vmail
> passdb {
> args = /etc/dovecot/dovecot-sql.conf
> driver = sql
> }
> plugin {
> quota = dict:user::file:/var/vmail/%d/%n/.quotausage
> sieve = /var/vmail/%d/%n/.sieve
> sieve_max_redirects = 25
> }
> postmaster_address = postmaster at vps342401.ovh.net
> protocols = imap pop3
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0660
> user = postfix
> }
> unix_listener auth-userdb {
> group = vmail
> mode = 0600
> user = vmail
> }
> user = root
> }
> service imap-login {
> client_limit = 1000
> process_limit = 512
> }
> service lmtp {
> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> group = postfix
> mode = 0600
> user = postfix
> }
> }
> ssl = required
> ssl_cert = </etc/postfix/smtpd.cert
> ssl_cipher_list =
> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
> ssl_dh_parameters_length = 2048
> ssl_key = </etc/postfix/smtpd.key
> ssl_prefer_server_ciphers = yes
> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
> userdb {
> driver = prefetch
> }
> userdb {
> args = /etc/dovecot/dovecot-sql.conf
> driver = sql
> }
> protocol imap {
> mail_plugins = quota imap_quota
> }
> protocol pop3 {
> mail_plugins = quota
> pop3_uidl_format = %08Xu%08Xv
> }
> protocol lda {
> mail_plugins = sieve quota
> postmaster_address = webmaster at localhost
> }
> protocol lmtp {
> mail_plugins = quota sieve
> postmaster_address = webmaster at localhost
> }
>
> Error from mail.err:
> Feb 1 09:50:01 vps342401 postfix/smtpd[699]: fatal: no SASL authentication
> mechanisms
> Feb 1 09:51:02 vps342401 postfix/smtpd[724]: fatal: no SASL authentication
> mechanisms
> Feb 1 09:51:02 vps342401 postfix/smtpd[725]: fatal: no SASL authentication
> mechanisms
> Feb 1 09:52:21 vps342401 postfix/smtps/smtpd[773]: fatal: no SASL
> authentication mechanisms
>
> Error from syslog:
> Feb 1 09:52:21 vps342401 postfix/smtps/smtpd[773]: connect from
> host9323131.internet.3s.com[12.34.45.56]
> Feb 1 09:52:21 vps342401 postfix/smtps/smtpd[773]: fatal: no SASL
> authentication mechanisms
> Feb 1 09:52:22 vps342401 postfix/master[29133]: warning: process
> /usr/lib/postfix/smtpd pid 773 exit status 1
> Feb 1 09:52:22 vps342401 postfix/master[29133]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Feb 1 09:53:01 vps342401 CRON[777]: (root) CMD
> (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo
> `/bin/date` "$line" >> /var/log/ispconfig/cron.log; do ne)
> Feb 1 09:53:01 vps342401 CRON[778]: (root) CMD
> (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo
> `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done )
>
>
> 2017-02-01 9:40 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>
>> doveadm log errors can be helpful too
>>
>>
>> On 01.02.2017 10:25, Poliman - Serwis wrote:
>>> I can check each logs, I have root privileges.
>>>
>>> 2017-02-01 9:04 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>
>>>> Can you check your logs?
>>>>
>>>> Aki
>>>>
>>>>
>>>> On 01.02.2017 10:02, Poliman - Serwis wrote:
>>>>> When I used backup copy of the dovecot.conf file I have this same
>> error.
>>>> So
>>>>> I think that maybe something was written to database? I really would
>>>> point
>>>>> out that I only added
>>>>> passdb {
>>>>> driver = passwd-file
>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>> }
>>>>>
>>>>> and comment out from above block default lines
>>>>> #args = /etc/dovecot/dovecot-sql.conf
>>>>> #driver = sql
>>>>>
>>>>> And in auth_mechanisms add line cram-md5. Nothing more in any other
>> file.
>>>>> I don't want to use cram-md5. I need move back to default settings.
>>>>> Cram-md5 was only for testing purposes. :) But I supposed that I can
>> move
>>>>> back to default by commenting out added lines. But unfortunately it
>> isn't
>>>>> that simple.
>>>>>
>>>>> 2017-02-01 8:59 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>>>
>>>>>> Are you still trying to authenticate using cram-md5?
>>>>>>
>>>>>> Aki
>>>>>>
>>>>>>
>>>>>> On 01.02.2017 09:51, Poliman - Serwis wrote:
>>>>>>> It still use:
>>>>>>> passdb {
>>>>>>> driver = passwd-file
>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>> }
>>>>>>>
>>>>>>> When I delete above and delete "cram-md5" in auth_mechanisms it still
>>>> not
>>>>>>> working.
>>>>>>>
>>>>>>> 2017-02-01 8:45 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>>>>>
>>>>>>>> You are probably wanting to do
>>>>>>>> passdb {
>>>>>>>> driver = passwd-file
>>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>>> }
>>>>>>>>
>>>>>>>> passdb {
>>>>>>>> driver = sql
>>>>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>>>>> }
>>>>>>>>
>>>>>>>> Why you want to use cram-md5 is beyond me, because using SSL is much
>>>>>>>> more safer.
>>>>>>>>
>>>>>>>> Aki
>>>>>>>>
>>>>>>>> On 01.02.2017 09:41, Poliman - Serwis wrote:
>>>>>>>>> Default it was: "auth_mechanisms = plain login" and I added
>>>> cram-md5.
>>>>>>>>> After restart all work perfectly. But after I added:
>>>>>>>>> driver = passwd-file
>>>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>>>> I can't set default lines because I got error. Please tell me which
>>>>>> lines
>>>>>>>>> should be changed to resolve this issue. Should I remove "login"
>> from
>>>>>>>>> auth_mechanism ("login" was default setting and I would like to
>> move
>>>>>> back
>>>>>>>>> to default settings)?
>>>>>>>>>
>>>>>>>>> 2017-02-01 8:36 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>>>>>>>
>>>>>>>>>> Because cram-md5 needs the user's password for calculating
>>>> responses,
>>>>>> it
>>>>>>>>>> cannot work with hashed passwords (one-way encrypted). The only
>>>>>>>>>> supported password schemes are PLAIN and CRAM-MD5.
>>>>>>>>>>
>>>>>>>>>> Aki
>>>>>>>>>>
>>>>>>>>>> On 01.02.2017 09:33, Poliman - Serwis wrote:
>>>>>>>>>>> I always restart dovecot after change config. ;) Sure, I
>> commented
>>>>>> out
>>>>>>>>>>> added two lines by me, restarted dovecot and here it is:
>>>>>>>>>>>
>>>>>>>>>>> # 2.2.9: /etc/dovecot/dovecot.conf
>>>>>>>>>>> # OS: Linux 3.13.0-100-generic x86_64 Ubuntu 14.04.5 LTS
>>>>>>>>>>> auth_mechanisms = plain login cram-md5
>>>>>>>>>>> listen = *,[::]
>>>>>>>>>>> log_timestamp = "%Y-%m-%d %H:%M:%S "
>>>>>>>>>>> mail_max_userip_connections = 100
>>>>>>>>>>> mail_plugins = " quota"
>>>>>>>>>>> mail_privileged_group = vmail
>>>>>>>>>>> passdb {
>>>>>>>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>> driver = sql
>>>>>>>>>>> }
>>>>>>>>>>> plugin {
>>>>>>>>>>> quota = dict:user::file:/var/vmail/%d/%n/.quotausage
>>>>>>>>>>> sieve = /var/vmail/%d/%n/.sieve
>>>>>>>>>>> sieve_max_redirects = 25
>>>>>>>>>>> }
>>>>>>>>>>> postmaster_address = postmaster at example.com
>>>>>>>>>>> protocols = imap pop3
>>>>>>>>>>> service auth {
>>>>>>>>>>> unix_listener /var/spool/postfix/private/auth {
>>>>>>>>>>> group = postfix
>>>>>>>>>>> mode = 0660
>>>>>>>>>>> user = postfix
>>>>>>>>>>> }
>>>>>>>>>>> unix_listener auth-userdb {
>>>>>>>>>>> group = vmail
>>>>>>>>>>> mode = 0600
>>>>>>>>>>> user = vmail
>>>>>>>>>>> }
>>>>>>>>>>> user = root
>>>>>>>>>>> }
>>>>>>>>>>> service imap-login {
>>>>>>>>>>> client_limit = 1000
>>>>>>>>>>> process_limit = 512
>>>>>>>>>>> }
>>>>>>>>>>> service lmtp {
>>>>>>>>>>> unix_listener /var/spool/postfix/private/dovecot-lmtp {
>>>>>>>>>>> group = postfix
>>>>>>>>>>> mode = 0600
>>>>>>>>>>> user = postfix
>>>>>>>>>>> }
>>>>>>>>>>> }
>>>>>>>>>>> ssl = required
>>>>>>>>>>> ssl_cert = </etc/postfix/smtpd.cert
>>>>>>>>>>> ssl_cipher_list =
>>>>>>>>>>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>>>>>>>>>> ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
>>>>>>>>>> DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+
>>>>>>>>>> AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-
>>>>>>>>>> SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-
>>>>>>>>>> RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-
>>>>>>>>>> AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-
>>>>>>>>>> RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:
>>>>>>>>>> DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:
>>>>>>>>>> AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-
>>>>>>>>>> SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
>>>>>>>>>> EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!
>>>>>>>>>> EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>>>>>>>>>>> ssl_dh_parameters_length = 2048
>>>>>>>>>>> ssl_key = </etc/postfix/smtpd.key
>>>>>>>>>>> ssl_prefer_server_ciphers = yes
>>>>>>>>>>> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
>>>>>>>>>>> userdb {
>>>>>>>>>>> driver = prefetch
>>>>>>>>>>> }
>>>>>>>>>>> userdb {
>>>>>>>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>> driver = sql
>>>>>>>>>>> }
>>>>>>>>>>> protocol imap {
>>>>>>>>>>> mail_plugins = quota imap_quota
>>>>>>>>>>> }
>>>>>>>>>>> protocol pop3 {
>>>>>>>>>>> mail_plugins = quota
>>>>>>>>>>> pop3_uidl_format = %08Xu%08Xv
>>>>>>>>>>> }
>>>>>>>>>>> protocol lda {
>>>>>>>>>>> mail_plugins = sieve quota
>>>>>>>>>>> postmaster_address = webmaster at localhost
>>>>>>>>>>> }
>>>>>>>>>>> protocol lmtp {
>>>>>>>>>>> mail_plugins = quota sieve
>>>>>>>>>>> postmaster_address = webmaster at localhost
>>>>>>>>>>> }
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 2017-02-01 8:27 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>>>>>>>>>
>>>>>>>>>>>> On 01.02.2017 08:18, Poliman - Serwis wrote:
>>>>>>>>>>>>> This is debug log files in syslog:
>>>>>>>>>>>>> Feb 1 07:10:25 vps342401 dovecot: auth: Debug: client passdb
>>>> out:
>>>>>>>>>>>>> CONT#0112#011PDAxODg3ODIzMTUwMzgxNzMuMTQ
>>>>>>>> 4NTkyOTQyNUB2cHMzNDI0MDEub3ZoL
>>>>>>>>>>>> m5ldD4=
>>>>>>>>>>>>> Feb 1 07:10:26 vps342401 dovecot: auth: Debug: client in:
>>>>>>>> CONT<hidden>
>>>>>>>>>>>>> Feb 1 07:10:26 vps342401 dovecot: auth-worker(27069): Debug:
>>>> sql(
>>>>>>>>>>>>> do_not_reply at example.com,12.173.211.32): query: SELECT email
>> as
>>>>>>>> user,
>>>>>>>>>>>>> password, maildir as userdb_home, CONCAT( maildir_format, ':',
>>>>>>>> maildir,
>>>>>>>>>>>>> '/', IF(maildir_format='maildir','Maildir',maildir_format)) as
>>>>>>>>>>>> userdb_mail,
>>>>>>>>>>>>> uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=',
>> quota,
>>>>>>>> 'B')
>>>>>>>>>> AS
>>>>>>>>>>>>> userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve
>>>> FROM
>>>>>>>>>>>>> mail_user WHERE (login = 'do_not_reply at example.com' OR email
>> = '
>>>>>>>>>>>>> do_not_reply at example.com') AND `disablesmtp` = 'n' AND
>>>> server_id =
>>>>>>>> '1'
>>>>>>>>>>>>> Feb 1 07:10:26 vps342401 dovecot: auth-worker(27069):
>> password(
>>>>>>>>>>>>> do_not_reply at example.com, 12.173.211.32): Requested CRAM-MD5
>>>>>> scheme,
>>>>>>>>>>>> but we
>>>>>>>>>>>>> have only CRYPT
>>>>>>>>>>>>> Feb 1 07:10:28 vps342401 dovecot: auth: Debug: client passdb
>>>> out:
>>>>>>>>>>>>> FAIL#0112#011user=do_not_reply at example.com
>>>>>>>>>>>>> Feb 1 07:10:28 vps342401 postfix/smtps/smtpd[27067]: warning:
>>>>>>>>>>>>> host23131.internet.3s.com[12.173.211.32]: SASL CRAM-MD5
>>>>>>>> authentication
>>>>>>>>>>>>> failed: PDAxODg3ODIzMTUwMzgxNzMuMTQ4NT
>>>>>> kyOTQyNUB2cHMzNDI0MDEub3ZoLm5l
>>>>>>>>>> dD4=
>>>>>>>>>>>>> Feb 1 07:11:02 vps342401 CRON[27074]: (root) CMD
>>>>>>>>>>>>> (/usr/local/ispconfig/server/server.sh 2>&1 | while read line;
>>>> do
>>>>>>>> echo
>>>>>>>>>>>>> `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
>>>>>>>>>>>>> Feb 1 07:11:02 vps342401 CRON[27075]: (root) CMD
>>>>>>>>>>>>> (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line;
>> do
>>>>>> echo
>>>>>>>>>>>>> `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done)
>>>>>>>>>>>>> Feb 1 07:11:11 vps342401 dovecot: auth: Debug: client in:
>>>>>>>>>>>>> AUTH#0113#011CRAM-MD5#011service=smtp#011nologin#
>>>>>>>>>>>> 011lip=173.72.31.7#011rip=12.173.211.32#011secured
>>>>>>>>>>>>> Feb 1 07:11:11 vps342401 dovecot: auth: Debug: client passdb
>>>> out:
>>>>>>>>>>>>> CONT#0113#011PDE3NDg1NjE4MTgxNTk2OTAuMTQ
>>>>>>>> 4NTkyOTQ3MUB2cHMzNDI0MDEub3ZoL
>>>>>>>>>>>> m5ldD4=
>>>>>>>>>>>>> Feb 1 07:11:11 vps342401 dovecot: auth: Debug: client in:
>>>>>>>> CONT<hidden>
>>>>>>>>>>>>> Feb 1 07:11:11 vps342401 dovecot: auth-worker(27069): Debug:
>>>> sql(
>>>>>>>>>>>>> do_not_reply at example.com,12.173.211.32): query: SELECT email
>> as
>>>>>>>> user,
>>>>>>>>>>>>> password, maildir as userdb_home, CONCAT( maildir_format, ':',
>>>>>>>> maildir,
>>>>>>>>>>>>> '/', IF(maildir_format='maildir','Maildir',maildir_format)) as
>>>>>>>>>>>> userdb_mail,
>>>>>>>>>>>>> uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=',
>> quota,
>>>>>>>> 'B')
>>>>>>>>>> AS
>>>>>>>>>>>>> userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve
>>>> FROM
>>>>>>>>>>>>> mail_user WHERE (login = 'do_not_reply at example.com' OR email
>> = '
>>>>>>>>>>>>> do_not_reply at example.com') AND `disablesmtp` = 'n' AND
>>>> server_id =
>>>>>>>> '1'
>>>>>>>>>>>>> Feb 1 07:11:11 vps342401 dovecot: auth-worker(27069):
>> password(
>>>>>>>>>>>>> do_not_reply at example.com,12.173.211.32): Requested CRAM-MD5
>>>>>> scheme,
>>>>>>>>>> but
>>>>>>>>>>>> we
>>>>>>>>>>>>> have only CRYPT
>>>>>>>>>>>>> Feb 1 07:11:13 vps342401 dovecot: auth: Debug: client passdb
>>>> out:
>>>>>>>>>>>>> FAIL#0113#011user=do_not_reply at example.com
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> #####################
>>>>>>>>>>>>> I added in dovecot.conf lines in passdb block:
>>>>>>>>>>>>> driver = passwd-file
>>>>>>>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>>>>>>>> and commented out default lines
>>>>>>>>>>>>> #args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>>>> #driver = sql
>>>>>>>>>>>>> When I try set again default lines I got above error
>>>>>>>>>>>> Can you run doveconf -n with the configuration that causes the
>>>> above
>>>>>>>>>>>> error? Also it clearly does SQL lookup, so that error is
>> happening
>>>>>>>> with
>>>>>>>>>>>> SQL passdb. You need to remember to restart dovecot between
>>>>>>>>>>>> configuration changes.
>>>>>>>>>>>>
>>>>>>>>>>>> Aki
>>>>>>>>>>>>
>>>>>>>>>>>>> 2017-01-31 8:08 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> On 31.01.2017 09:06, Poliman - Serwis wrote:
>>>>>>>>>>>>>>> I set up cram-md5 using this tutorial
>>>>>>>>>>>>>>> https://wiki2.dovecot.org/HowTo/CRAM-MD5 in
>>>>>>>>>> /etc/dovecot/dovecot.conf
>>>>>>>>>>>> in
>>>>>>>>>>>>>>> passdb code block:
>>>>>>>>>>>>>>> listen = *,[::]
>>>>>>>>>>>>>>> protocols = imap pop3
>>>>>>>>>>>>>>> #auth_mechanisms = plain login cram-md5
>>>>>>>>>>>>>>> auth_mechanisms = cram-md5 plain login
>>>>>>>>>>>>>>> #dodana nizej linia
>>>>>>>>>>>>>>> ssl = required
>>>>>>>>>>>>>>> disable_plaintext_auth = yes
>>>>>>>>>>>>>>> log_timestamp = "%Y-%m-%d %H:%M:%S "
>>>>>>>>>>>>>>> mail_privileged_group = vmail
>>>>>>>>>>>>>>> postmaster_address = postmaster at vps342401.ovh.net
>>>>>>>>>>>>>>> ssl_cert = </etc/postfix/smtpd.cert
>>>>>>>>>>>>>>> ssl_key = </etc/postfix/smtpd.key
>>>>>>>>>>>>>>> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
>>>>>>>>>>>>>>> ssl_cipher_list =
>>>>>>>>>>>>>>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>>>>>>>>>>>>>> ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384[
>>>> image:
>>>>>>>>>>>>>>> :D]HE-RSA-AES128-GCM-SHA256[image: :D]HE-DSS-AES$
>>>>>>>>>>>>>>> ssl_prefer_server_ciphers = yes
>>>>>>>>>>>>>>> ssl_dh_parameters_length = 2048
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> mail_max_userip_connections = 100
>>>>>>>>>>>>>>> passdb {
>>>>>>>>>>>>>>> # args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>>>>>> # driver = sql
>>>>>>>>>>>>>>> driver = passwd-file
>>>>>>>>>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>>>>>>>>>> }
>>>>>>>>>>>>>>> userdb {
>>>>>>>>>>>>>>> driver = prefetch
>>>>>>>>>>>>>>> }
>>>>>>>>>>>>>>> userdb {
>>>>>>>>>>>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>>>>>> driver = sql
>>>>>>>>>>>>>>> }
>>>>>>>>>>>>>>> Of course I created cram-md5.pwd file. All mails go out and
>>>> come
>>>>>>>>>>>> nicely.
>>>>>>>>>>>>>>> But after I want to do default settings by commented out
>> these
>>>>>> two
>>>>>>>>>>>> lines:
>>>>>>>>>>>>>>> driver = passwd-file
>>>>>>>>>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>>>>>>>>>> and uncomment
>>>>>>>>>>>>>>> # args = /etc/dovecot/dovecot-sql.conf
>>>>>>>>>>>>>>> # driver = sql
>>>>>>>>>>>>>>> I can't send emails - I use Thunderbird - get error "logging
>> on
>>>>>>>>>> server
>>>>>>>>>>>>>>> mail.example.com not work out". Error in logs:
>>>>>>>>>>>>>>> dovecot: auth-worker(22698): Error: Auth worker sees
>> different
>>>>>>>>>>>>>>> passdbs/userdbs than auth server.
>>>>>>>>>>>>>>> dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Is it possible that hashed password from cram-md5.pwd file
>> was
>>>>>>>>>> written
>>>>>>>>>>>> to
>>>>>>>>>>>>>>> database (if yes then where - I have ISPconfig)? I wasn't
>>>> change
>>>>>>>> any
>>>>>>>>>>>>>> userdb
>>>>>>>>>>>>>>> {} block and this second userdb block has this same lines
>> like
>>>>>>>>>> default
>>>>>>>>>>>>>>> settings in passdb block.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Try
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> auth_debug=yes
>>>>>>>>>>>>>> auth_verbose=yes
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> and see if it gives any more reasonable messages.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Aki
>>>>>>>>>>>>>>
>>>
>
>
More information about the dovecot
mailing list