<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Dovecot has some special socket names, auth-userdb is one of
      those.</p>
    <p>Aki<br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 26.03.2018 14:47, Vladimir Tiukhtin
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:e85eaccc-c5bd-b8b3-6fba-a2e4458fcf60@asergis.com">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <p>Hi</p>
      <p>What you have suggested works.</p>
      <p>service auth {<br>
           unix_listener /var/spool/postfix/private/auth {<br>
                 user = postfix<br>
                 group = postfix<br>
                 mode = 0600<br>
          }<br>
        }</p>
      This works as well:<br>
      <br>
      service auth {<br>
         unix_listener /var/run/dovecot/auth {<br>
               owner = postfix<br>
               group = postfix<br>
               mode = 0600<br>
        }<br>
      }<br>
      <br>
      And this works as well:<br>
      <br>
      service auth {<br>
         unix_listener /var/run/dovecot/auth-test-test {<br>
               owner = postfix<br>
               group = postfix<br>
               mode = 0600<br>
        }<br>
      }<br>
      <br>
      And only when socket has name "auth-userdb"<br>
      <br>
      service auth {<br>
         unix_listener auth-userdb {<br>
               owner = postfix<br>
               group = postfix<br>
               mode = 0600<br>
        }<br>
      }<br>
      <br>
      it doesn't.<br>
      <br>
      When socket name is "auth-userdb" I can see in the log:<br>
      <br>
      Mar 26 11:43:59 mail-server postfix/smtpd[3648]: connect from
      unknown[10.15.5.127]<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Loading
      modules from directory: /usr/lib64/dovecot/auth<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Module
      loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Module
      loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Wrote new
      auth token secret to /var/run/dovecot//auth-token-secret.dat<br>
      Mar 26 11:43:59 mail-server postfix/smtpd[3648]: fatal: no SASL
      authentication mechanisms<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: master in:
      CPID        3648<br>
      Mar 26 11:43:59 mail-server dovecot[3577]: auth: Error: BUG:
      Unknown command in userdb socket: CPID?3648<br>
      Mar 26 11:44:00 mail-server postfix/master[3644]: warning: process
      /usr/libexec/postfix/smtpd pid 3648 exit status 1<br>
      Mar 26 11:44:00 mail-server postfix/master[3644]: warning:
      /usr/libexec/postfix/smtpd: bad command startup -- throttling<br>
      <br>
      Vladimir<br>
      <br>
      <div class="moz-cite-prefix">On 26/03/18 09:55, Aki Tuomi wrote:<br>
      </div>
      <blockquote type="cite"
        cite="mid:094fd30c-57f4-9977-b1b5-5a8eaac797d4@dovecot.fi">
        <meta http-equiv="Content-Type" content="text/html;
          charset=utf-8">
        Ah i see.<br>
        <br>
        try this:<br>
        <br>
        dovecot.conf:<br>
        <br>
        service auth {<br>
           unix_listener /var/spool/postfix/private/auth {<br>
                 owner = postfix<br>
                 group = postfix<br>
                 mode = 0600<br>
          }<br>
        }<br>
        <br>
        postfix.conf:<br>
        <br>
        smtpd_sasl_path = private/auth<br>
        <br>
        Aki<br>
        <br>
        <div class="moz-cite-prefix">On 26.03.2018 11:25, Vladimir
          Tiukhtin wrote:<br>
        </div>
        <blockquote type="cite"
          cite="mid:040acbc7-9949-f719-3f17-e14f2147cbea@asergis.com">
          <p>Hello</p>
          <p>Yes, please find my postfix config:</p>
          <p>smtpd_sasl_type = dovecot<br>
            #smtpd_sasl_path = /var/run/dovecot/auth<br>
            smtpd_sasl_path = /var/run/dovecot/auth-userdb<br>
            smtpd_sasl_auth_enable = yes<br>
            smtpd_relay_restrictions = permit_mynetworks,
            permit_sasl_authenticated, reject_unauth_destination<br>
          </p>
          <p>As I mentioned if I remove minus from socket name
            everything works perfect. Thanks</p>
          <p>Vladimir</p>
          <br>
          <div class="moz-cite-prefix">On 26/03/18 08:37, Aki Tuomi
            wrote:<br>
          </div>
          <blockquote type="cite"
            cite="mid:16f52b0c-8d50-b46a-0cb7-4f6e949ed5f1@dovecot.fi">
            <p>Did you tell postfix it's talking to dovecot?</p>
            <p>Aki<br>
            </p>
            <br>
            <div class="moz-cite-prefix">On 25.03.2018 20:29, Vladimir
              Tiukhtin wrote:<br>
            </div>
            <blockquote type="cite"
              cite="mid:020aa092-120f-43d0-e20c-c698539c35a8@asergis.com">
              <p>Hi guys.</p>
              <p>I am getting strange error:</p>
              <p><br>
              </p>
              <p><font color="#ff0000">BUG: Unknown command in userdb
                  socket: CPID?2625</font></p>
              <p><br>
              </p>
              <p>I am using service auth  to authenticate users on
                postfix.</p>
              <p><b>My OS</b>:</p>
              <p># cat /etc/os-release <br>
                NAME="CentOS Linux"<br>
                VERSION="7 (Core)"<br>
                ID="centos"<br>
                ID_LIKE="rhel fedora"<br>
                VERSION_ID="7"<br>
                PRETTY_NAME="CentOS Linux 7 (Core)"<br>
                ANSI_COLOR="0;31"<br>
                CPE_NAME="cpe:/o:centos:centos:7"<br>
                HOME_URL=<a class="moz-txt-link-rfc2396E"
                  href="https://www.centos.org/" moz-do-not-send="true">"https://www.centos.org/"</a><br>
                BUG_REPORT_URL=<a class="moz-txt-link-rfc2396E"
                  href="https://bugs.centos.org/" moz-do-not-send="true">"https://bugs.centos.org/"</a><br>
                <br>
                CENTOS_MANTISBT_PROJECT="CentOS-7"<br>
                CENTOS_MANTISBT_PROJECT_VERSION="7"<br>
                REDHAT_SUPPORT_PRODUCT="centos"<br>
                REDHAT_SUPPORT_PRODUCT_VERSION="<br>
              </p>
              <p><b>My dovecot:</b></p>
              <p># dovecot --version<br>
                2.2.10<br>
              </p>
              <p><b>My config</b>:</p>
              <p>service auth {<br>
                  unix_listener auth-userdb {<br>
                    mode = 0600<br>
                    user = postfix<br>
                    group = postfix<br>
                  }<br>
                }</p>
              <p><b>My Postfix:</b></p>
              <p># rpm -qa | grep postf<br>
                postfix-2.10.1-6.el7.x86_64<br>
              </p>
              <p><b>Log</b>:</p>
              <p>Mar 25 16:52:33 mail-server postfix/smtpd[2625]:
                connect from unknown[10.254.200.202]<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Debug:
                Loading modules from directory: /usr/lib64/dovecot/auth<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Debug:
                Module loaded:
                /usr/lib64/dovecot/auth/libdriver_mysql.so<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Debug:
                Module loaded:
                /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Debug:
                Read auth token secret from
                /var/run/dovecot//auth-token-secret.dat<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Debug:
                master in: CPID        2625<br>
                Mar 25 16:52:33 mail-server dovecot[2621]: auth: Error:
                BUG: Unknown command in userdb socket: CPID?2625<br>
                Mar 25 16:52:33 mail-server postfix/smtpd[2625]: fatal:
                no SASL authentication mechanisms<br>
                Mar 25 16:52:34 mail-server postfix/master[2424]:
                warning: process /usr/libexec/postfix/smtpd pid 2625
                exit status 1<br>
                Mar 25 16:52:34 mail-server postfix/master[2424]:
                warning: /usr/libexec/postfix/smtpd: bad command startup
                -- throttling</p>
              <p>The interesting thing is IF I am taking off "-" (minus)
                from the socket name, everything works just perfect! So
                if I change config to:<br>
                <br>
              </p>
              <p>service auth {<br>
                  unix_listener blabla {<br>
                    mode = 0600<br>
                    user = postfix<br>
                    group = postfix<br>
                  }<br>
                }</p>
              <p>Mar 25 16:55:12 mail-server postfix/smtpd[2872]:
                connect from unknown[10.254.200.202]<br>
                Mar 25 16:55:12 mail-server dovecot[2786]: auth: Debug:
                Loading modules from directory: /usr/lib64/dovecot/auth<br>
                Mar 25 16:55:12 mail-server dovecot[2786]: auth: Debug:
                Module loaded:
                /usr/lib64/dovecot/auth/libdriver_mysql.so<br>
                Mar 25 16:55:12 mail-server dovecot[2786]: auth: Debug:
                Module loaded:
                /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
                Mar 25 16:55:12 mail-server dovecot[2786]: auth: Debug:
                Read auth token secret from
                /var/run/dovecot//auth-token-secret.dat<br>
                Mar 25 16:55:12 mail-server dovecot[2786]: auth: Debug:
                auth client connected (pid=0)<br>
                Mar 25 16:55:13 mail-server dovecot[2786]: auth: Debug:
                client in: AUTH        1        PLAIN       
                service=smtp        nologin       
                lip=192.168.101.24        rip=10.254.200.202       
                secured        resp=<hidden><br>
                Mar 25 16:55:13 mail-server dovecot[2786]: auth: Debug:
                cache(<a class="moz-txt-link-abbreviated"
                  href="mailto:admin@asergis.com,10.254.200.202"
                  moz-do-not-send="true">admin@asergis.com,10.254.200.202</a>):
                miss<br>
                Mar 25 16:55:13 mail-server dovecot[2786]:
                auth-worker(2878): Debug: Loading modules from
                directory: /usr/lib64/dovecot/auth<br>
                Mar 25 16:55:13 mail-server dovecot[2786]:
                auth-worker(2878): Debug: Module loaded:
                /usr/lib64/dovecot/auth/libdriver_mysql.so<br>
                Mar 25 16:55:13 mail-server dovecot[2786]:
                auth-worker(2878): Debug: Module loaded:
                /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
                Mar 25 16:55:13 mail-server dovecot[2786]:
                auth-worker(2878): Debug: sql(<a
                  class="moz-txt-link-abbreviated"
                  href="mailto:admin@asergis.com,10.254.200.202"
                  moz-do-not-send="true">admin@asergis.com,10.254.200.202</a>):
                query: SELECT userid AS username, domain, password FROM
                users WHERE userid = 'admin' AND domain = 'asergis.com'<br>
                Mar 25 16:55:13 mail-server dovecot[2786]: auth: Debug:
                client passdb out: OK        1        <a
                  class="moz-txt-link-abbreviated"
                  href="mailto:user=admin@asergis.com"
                  moz-do-not-send="true">user=admin@asergis.com</a><br>
                Mar 25 16:55:13 mail-server postfix/smtpd[2872]:
                5C63030208: client=unknown[10.254.200.202],
                sasl_method=PLAIN, <a class="moz-txt-link-abbreviated"
                  href="mailto:sasl_username=admin@asergis.com"
                  moz-do-not-send="true">sasl_username=admin@asergis.com</a><br>
                Mar 25 16:55:13 mail-server postfix/cleanup[2881]:
                5C63030208: message-id=<a class="moz-txt-link-rfc2396E"
href="mailto:d7706aa7-a2ad-6890-5590-e6f83b5ec3af@asergis.com"
                  moz-do-not-send="true"><d7706aa7-a2ad-6890-5590-e6f83b5ec3af@asergis.com></a><br>
                Mar 25 16:55:13 mail-server postfix/qmgr[2870]:
                5C63030208: from=<a class="moz-txt-link-rfc2396E"
                  href="mailto:admin@asergis.com" moz-do-not-send="true"><admin@asergis.com></a>,
                size=622, nrcpt=1 (queue active)</p>
              <p><br>
              </p>
              <p>P.s. I don't mind to use socket without minus on its
                name. But this looks really strange. Thanks. You are
                awesome<br>
              </p>
              <p><br>
              </p>
              <p>Vladimir<br>
              </p>
            </blockquote>
            <br>
          </blockquote>
          <br>
        </blockquote>
        <br>
      </blockquote>
      <br>
    </blockquote>
    <br>
  </body>
</html>