Fatal: setgid, imap connections dropped.

Aki Tuomi aki.tuomi at open-xchange.com
Fri Oct 19 09:52:52 EEST 2018 

On 18.10.2018 21.24, J. de Meijer wrote:
>> On 16.10.2018 21.32, J. de Meijer wrote:
>>> I'm still trying to fix this problem. Hopefully someone can help.
>>>
>>> I've upgraded dovecot to 2.3.3
>>> # dovecot --version
>>> 2.3.3 (dcead646b)
>>>
>>> That didn't help.
>>>
>>> Next I switched 10-auth.conf to use a local password file (instead of
>>> LDAP)
>> Can you provide doveconf -n please?
>>
>> Aki
> Here it is. Hopefully you can find what's wrong.
>
> # dovecot -n
> # 2.3.3 (dcead646b): /usr/local/etc/dovecot/dovecot.conf
> # Pigeonhole version 0.5.3 (f018bbab)
> # OS: FreeBSD 11.2-RELEASE-p4 amd64
> # Hostname: mailserver
> auth_debug = yes
> imap_idle_notify_interval = 29 mins
> mail_debug = yes
> mail_fsync = never
> mail_location = maildir:~/Maildir
> mail_plugins = " fts fts_solr"
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
> copy include variables body enotify environment mailbox date index ihave
> duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Archive {
>     auto = subscribe
>     special_use = \Archive
>   }
>   mailbox Drafts {
>     auto = subscribe
>     special_use = \Drafts
>   }
>   mailbox Sent {
>     auto = subscribe
>     special_use = \Sent
>   }
>   mailbox Spam {
>     auto = subscribe
>     special_use = \Junk
>   }
>   mailbox Trash {
>     auto = subscribe
>     special_use = \Trash
>   }
>   prefix =
>   separator = /
> }
> passdb {
>   args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }
> plugin {
>   fts = solr
>   fts_autoindex = yes
>   fts_solr = url=http://127.0.0.1:8983/solr/dovecot/
>   imapsieve_mailbox1_before =
> file:/usr/local/etc/dovecot/sieve/report-spam.sieve
>   imapsieve_mailbox1_causes = COPY
>   imapsieve_mailbox1_name = Spam
>   imapsieve_mailbox2_before =
> file:/usr/local/etc/dovecot/sieve/report-ham.sieve
>   imapsieve_mailbox2_causes = COPY
>   imapsieve_mailbox2_from = Spam
>   imapsieve_mailbox2_name = *
>   recipient_delimiter = +
>   sieve = file:~/sieve;active=~/.dovecot.sieve
>   sieve_after = /usr/local/etc/dovecot/sieve-after.d
>   sieve_before = /usr/local/etc/dovecot/sieve-before.d
>   sieve_global_extensions = +vnd.dovecot.pipe
>   sieve_pipe_bin_dir = /usr/local/etc/dovecot/sieve
>   sieve_plugins = sieve_imapsieve sieve_extprograms
>   sieve_quota_max_storage = 50M
> }
> postmaster_address = webmaster at example.com
> protocols = imap pop3 lmtp sieve
> service auth {
>   client_limit = 1600
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
> }
> service imap-login {
>   inet_listener imap {
>     address = 127.0.0.1, ::1
>   }
>   process_min_avail = 3
>   service_count = 1
> }
> service imap {
>   process_min_avail = 3
>   service_count = 256
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> service pop3-login {
>   inet_listener pop3 {
>     address = 127.0.0.1, ::1
>   }
>   service_count = 1
> }
> ssl = required
> ssl_cert = </usr/local/etc/ssl/mail.demeijer.com.dovecot.crt
> ssl_cipher_list =
> ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> ssl_min_protocol = TLSv1.2
> ssl_prefer_server_ciphers = yes
> userdb {
>   args = /usr/local/etc/dovecot/dovecot-ldap-user.conf.ext
>   driver = ldap
> }
> protocol imap {
>   mail_max_userip_connections = 50
>   mail_plugins = " fts fts_solr imap_sieve"
> }
> protocol lmtp {
>   lmtp_save_to_detail_mailbox = yes
>   mail_fsync = optimized
>   mail_plugins = " fts fts_solr quota sieve"
> }
>
>
>
Hi!

You can't set

service imap {
 service_count = 256
}

if you are using multiple system UIDs. See
https://wiki.dovecot.org/Services#imap.2C_pop3.2C_submission.2C_managesieve

*service_count* can be changed from 1 if only a single UID is used for
mail users. This is improves performance, but it's less secure, because
bugs in code may leak email data from another user's earlier connection.

Aki

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20181019/106b2ac8/attachment.html>

More information about the dovecot mailing list