[Dovecot] Authentication Failure (newbie)

2014-06-07 Thread Danny Gorton 

Greetings,

I'm am learning about running a mail server and I set up a brand new 
Ubuntu 14.04 server with postfix and dovecot.  I had some initial 
problems with dovecot not starting, and then with not having proper 
permissions/access to the various directories and files and pipes, etc, 
and in the process starting to learn how this thing works.


After searching in web-land I seem to have overcome those issues and 
dovecot and postfix both start and accept connections now 
(http://wiki2.dovecot.org/TestPop3Installation).


However when I check to see if I can authenticate I get Authentication 
Failed.  At the time of these login attempts there are no messages added 
to syslog or mail.log, dovecot log entries are below.


Note I redacted my test user and password values to 'x', and my 
domain value to 'domain.com'.  Also I'm testing with my plain text 
password, but I've tried using AUTH PLAIN .  I 
have also tried the setup with a default auth domain, and I've tried 
authenticating with and without the domain name as part of the user 
name, with the same results.  I added the debug settings and 
disable_plaintext_auth = no to try to solve this issue.


Here is my test command set:

x@apacweb:~$ sudo doveadm user x
field   valueuserdb lookup: user x doesn't exist

and :

x@apacweb:~$ telnet localhost 110
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot (Ubuntu) ready.
user x
+OK
pass x
-ERR [AUTH] Authentication failed.


Here is a cut from the dovecot log:

2014-06-08 01:22:10 auth: Error: passwd-file(x): stat(uid=vmail 
gid=vmail home=/home/vmail//x /etc/dovecot/users) failed: Address 
family not supported by protocol


I figure this is the root cause of this issue and the solution to it is 
supposedly to tell dovecot to not listen on IPv6 (listen = *), but I did 
that and it didn't help (see config).


Here is a cut from the dovecot.info log:

2014-06-08 00:16:25 auth: Debug: auth client connected (pid=3131)

2014-06-08 01:22:10 auth: Debug: Loading modules from directory: 
/usr/lib/dovecot/modules/auth
2014-06-08 01:22:10 auth: Debug: Read auth token secret from 
/var/run/dovecot//auth-token-secret.dat
2014-06-08 01:22:10 auth: Debug: passwd-file /etc/dovecot/passwd: Read 1 
users in 0 secs
2014-06-08 01:22:10 auth: Debug: master in: USER1   x 
service=doveadm

2014-06-08 01:22:10 auth: Debug: userdb out: NOTFOUND   1

Here is my dovecot config:

# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-24-generic x86_64 Ubuntu 14.04 LTS ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain cram-md5
auth_verbose = yes
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
info_log_path = /var/log/dovecot.info
listen = *
log_path = /var/log/dovecot
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
passdb {
  args = /etc/dovecot/passwd
  driver = passwd-file
}
protocols = imap pop3
service auth {
  executable = /usr/lib/dovecot/auth
  unix_listener /var/spool/postfix/private/auth-client {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
group = postfix
mode = 0777
user = postfix
  }
  user = vmail
}
service imap-login {
  chroot = login
  executable = /usr/lib/dovecot/imap-login
  user = dovecot
}
service imap {
  executable = /usr/lib/dovecot/imap
}
service pop3-login {
  chroot = login
  executable = /usr/lib/dovecot/pop3-login
  inet_listener pop3 {
address = *
port = 110
  }
  inet_listener pop3s {
address = *
port = 995
  }
  user = dovecot
}
service pop3 {
  executable = /usr/lib/dovecot/pop3
}
ssl = required
ssl_cert = I'm sure I've done something stupid, but after thrashing about for some 
days I haven't been able to figure out what it is.


Regards,
Danny

Re: [Dovecot] Outlook 2007 & 2010 hangs in v2.2?

2014-06-07 Thread Robert Schetterer 
Am 07.06.2014 16:46, schrieb Kilburn Abrahams:
> I can confirm also that since upgrading from 2.1.16 to 2.2.13 that
> Outlook 2013 (don't have previous versions to test) is throwing strange
> errors when users send emails. This predominantly happens when sending
> but has happened when they compose a long email then send. These users
> have 50GB+ mailboxes using IMAP.
> 
> I will try the fetch headers and report back.
> 
> The Outlook errors we are getting is "The operation failed. The
> messaging interfaces returned an unknown error. Please restart Outlook". 
> 
> So I can confirm there is problem, as one of the users who use
> Thunderbird with an equally large mailbox and does not have problems.
> 
> Kilburn

you mean copy to "sent" imap sent folder , after sent via smtp
perhaps i find time to test this myself too, however
50 GB of Mailbox is "not very wise" to have anyway, what are youre
"offline" sync policies at that mailboxes, or better to say ,what are
defaults at outlook 2013 with syncing such large mailboxes in imap mode,
Thunderbird per default does full sync , and gives the chance
to configure by folder.
At last, dont expect Outlook as good imap client, in very prime its the
client of exchange, other features like imap are "on top".

> 
> On 06/07/2014 12:25 AM, Andy Dills wrote:
>> We just upgraded from 2.1.16 to 2.2.13, and we have been have horrendous 
>> troubles with outlook since the upgrade.
>>
>> For users with large mailboxes, they are unable to sync their folders. 
>> Perhaps this is specifically because of the problem you are mentioning Timo.
>>
>> The only solution we could come up with for now was to configure outlook to 
>> only fetch headers and not bodies, when syncing. For the most part, bringing 
>> up individual messages is fine, haven't seen that fail. So, with that tweak 
>> to the outlook config, things are working error-free again for our 
>> users...but it was certainly an unexpected situation to tackle.
>>
>> Also, we found a marked improvement connecting via SSL on 993 than we do 
>> unencrypted on 143.
>>
>> I can definitely confirm 100% there is a regression in dovecot 2.2 that 
>> severely impacts the performance of outlook (but works great with everything 
>> else).
>>
>> Let me know if I can help you track this down Timo.
>>
>> Andy
>>
>> Sent from my iPhone
>>
>>> On Jun 5, 2014, at 1:40 PM, Timo Sirainen  wrote:
>>>
 On 5.6.2014, at 20.23, Robert Schetterer  wrote:

 Am 05.06.2014 17:02, schrieb Timo Sirainen:
> On 5.6.2014, at 17.41, Martin Rabl  wrote:
>
>> Am 05.06.2014 16:38, schrieb Timo Sirainen:
>>> Has anybody noticed Outlook 2007 & 2010 (but apparently not 2013) 
>>> hanging IMAP connections with Dovecot v2.2 (but not v2.1) when they're 
>>> FETCHing large mails? I can't think of any reasonable explanation for 
>>> this.
>> how large?
> I don't know yet if the mail size is even relevant. At least one hang was 
> caused by downloading ~55 MB mail where it stopped just before the last 
> 400 kB.
>
> I find it strange that v2.2 has been out for a long time and nobody 
> before this complained about any hangs.
 55 MB mail may are rare ,i can test it ,but it will need some time ( old
 outlook install on clean new windows system)
 perhaps anyone has an existing setup which could do it faster
>>> Happens also with smaller mails, for example 3 MB and I think there were 
>>> also even smaller ones like 1 MB. I see that once Outlook tried to download 
>>> the same 3 MB mail 3 times and it stopped reading it when it had 400 kB 
>>> left, but the 4th time succeeded. Dovecot sent exactly the same data with 
>>> the same TCP packet boundaries all times (at least to Dovecot proxy - would 
>>> have to look with tcpdump further to see if proxy does something 
>>> differently..)
>>>
>>> Anyway, nobody in general has had trouble with Dovecot v2.2 and Outlook 
>>> 2007/2010? Maybe the problem is something else, although strange if it 
>>> started happening only immediately after Dovecot upgrade.



Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

Re: [Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13

2014-06-07 Thread Patrick De Zordo 
Same problem here!
Updated dovecot some minutes ago from xi.rename-it.nl..
Please resolve it very quick!

Having big problems!

Thanks,
Patrick.

> -Ursprüngliche Nachricht-
> Von: dovecot [mailto:dovecot-boun...@dovecot.org] Im Auftrag von
> Thomas Leuxner
> Gesendet: Samstag, 7. Juni 2014 17:29
> An: dovecot@dovecot.org
> Betreff: Re: [Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13
> (feea8645c4d7)
> 
> * Thomas Leuxner  2014.06.07 12:15:
> 
> > Latest 2.2.13 HG feea8645c4d7 seems to unexpectedly kill imap-login
> sessions:
> 
> I can crash the process at will over a TLS connection with mutt, which I
can't
> when disabling TLS. So the culprit most-likely is this change:
> 
> http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad
> 
> It seems difficult to predict the imap-login process that will crash,
hence I
> struggle which one to connect GDB to...

Re: [Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13 (feea8645c4d7)

2014-06-07 Thread Thomas Leuxner 
* Thomas Leuxner  2014.06.07 12:15:

> Latest 2.2.13 HG feea8645c4d7 seems to unexpectedly kill imap-login sessions:

I can crash the process at will over a TLS connection with mutt, which I can't 
when disabling TLS. So the culprit most-likely is this change:

http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad

It seems difficult to predict the imap-login process that will crash, hence I 
struggle which one to connect GDB to...


signature.asc
Description: Digital signature

Re: [Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13 (feea8645c4d7)

2014-06-07 Thread Thomas Leuxner 
* Pascal Volk  2014.06.07 16:32:

> Hi Thomas,
> 
> either add "ulimit -c unlimited" to your init script
>  or
> start Dovecot directly from your shell:
> 
>   ulimit -c unlimited
>   dovecot [-c /path/2/dovecot.conf]
> 
> That should make Dovecot dumping core files.

Hi Pascal,

in general dumps work for Dovecot on my box. The 'imap-login' process however 
is not in the mood to generate a dump. I think this happened before with some 
processes of Dovecot, where users had problems to get them to dump...

Thanks for your help.

Regards
Thomas


signature.asc
Description: Digital signature

Re: [Dovecot] Outlook 2007 & 2010 hangs in v2.2?

2014-06-07 Thread Kilburn Abrahams 
I can confirm also that since upgrading from 2.1.16 to 2.2.13 that
Outlook 2013 (don't have previous versions to test) is throwing strange
errors when users send emails. This predominantly happens when sending
but has happened when they compose a long email then send. These users
have 50GB+ mailboxes using IMAP.

I will try the fetch headers and report back.

The Outlook errors we are getting is "The operation failed. The
messaging interfaces returned an unknown error. Please restart Outlook". 

So I can confirm there is problem, as one of the users who use
Thunderbird with an equally large mailbox and does not have problems.

Kilburn

On 06/07/2014 12:25 AM, Andy Dills wrote:
> We just upgraded from 2.1.16 to 2.2.13, and we have been have horrendous 
> troubles with outlook since the upgrade.
>
> For users with large mailboxes, they are unable to sync their folders. 
> Perhaps this is specifically because of the problem you are mentioning Timo.
>
> The only solution we could come up with for now was to configure outlook to 
> only fetch headers and not bodies, when syncing. For the most part, bringing 
> up individual messages is fine, haven't seen that fail. So, with that tweak 
> to the outlook config, things are working error-free again for our 
> users...but it was certainly an unexpected situation to tackle.
>
> Also, we found a marked improvement connecting via SSL on 993 than we do 
> unencrypted on 143.
>
> I can definitely confirm 100% there is a regression in dovecot 2.2 that 
> severely impacts the performance of outlook (but works great with everything 
> else).
>
> Let me know if I can help you track this down Timo.
>
> Andy
>
> Sent from my iPhone
>
>> On Jun 5, 2014, at 1:40 PM, Timo Sirainen  wrote:
>>
>>> On 5.6.2014, at 20.23, Robert Schetterer  wrote:
>>>
>>> Am 05.06.2014 17:02, schrieb Timo Sirainen:
 On 5.6.2014, at 17.41, Martin Rabl  wrote:

> Am 05.06.2014 16:38, schrieb Timo Sirainen:
>> Has anybody noticed Outlook 2007 & 2010 (but apparently not 2013) 
>> hanging IMAP connections with Dovecot v2.2 (but not v2.1) when they're 
>> FETCHing large mails? I can't think of any reasonable explanation for 
>> this.
> how large?
 I don't know yet if the mail size is even relevant. At least one hang was 
 caused by downloading ~55 MB mail where it stopped just before the last 
 400 kB.

 I find it strange that v2.2 has been out for a long time and nobody before 
 this complained about any hangs.
>>> 55 MB mail may are rare ,i can test it ,but it will need some time ( old
>>> outlook install on clean new windows system)
>>> perhaps anyone has an existing setup which could do it faster
>> Happens also with smaller mails, for example 3 MB and I think there were 
>> also even smaller ones like 1 MB. I see that once Outlook tried to download 
>> the same 3 MB mail 3 times and it stopped reading it when it had 400 kB 
>> left, but the 4th time succeeded. Dovecot sent exactly the same data with 
>> the same TCP packet boundaries all times (at least to Dovecot proxy - would 
>> have to look with tcpdump further to see if proxy does something 
>> differently..)
>>
>> Anyway, nobody in general has had trouble with Dovecot v2.2 and Outlook 
>> 2007/2010? Maybe the problem is something else, although strange if it 
>> started happening only immediately after Dovecot upgrade.

Re: [Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13 (feea8645c4d7)

2014-06-07 Thread Pascal Volk 
On 06/07/2014 10:15 AM Thomas Leuxner wrote:
> Latest 2.2.13 HG feea8645c4d7 seems to unexpectedly kill imap-login sessions:
> 
> Jun  7 11:56:10 nihlus dovecot: imap(t...@leuxner.net): Disconnected: Logged 
> out in=2203 out=851225
> Jun  7 11:56:10 nihlus dovecot: imap(t...@leuxner.net): Disconnected: Logged 
> out in=316 out=2417
> Jun  7 11:56:10 nihlus dovecot: imap-login: Fatal: master: 
> service(imap-login): child 60505 killed with signal 11 (core not dumped - add 
> -D parameter to service imap-login { executable }
> Jun  7 11:56:10 nihlus dovecot: imap-login: Fatal: master: 
> service(imap-login): child 60595 killed with signal 11 (core not dumped - add 
> -D parameter to service imap-login { executable }
> 
> Adding the -D parameter does not generate a core dump however...
> 

Hi Thomas,

either add "ulimit -c unlimited" to your init script
 or
start Dovecot directly from your shell:

ulimit -c unlimited
dovecot [-c /path/2/dovecot.conf]

That should make Dovecot dumping core files.


Regards,
Pascal
-- 
The trapper recommends today: c01dcafe.1415...@localdomain.org

Re: [Dovecot] checkpassword memory limit

2014-06-07 Thread Alex JOST 

Am 2014-06-05 19:33, schrieb a:
Hi. I am trying to authenticate dovecot from a wordpress database. I was thinking of using the checkpassword script to start a cli php script. That php script would then include the necessary wordpress functions, do the auth (find the wp username from user database using the email address, and authenticate with the user/pass), and return the result to the checkpassword script. I made the above scripts (the php script will be used to authenticate some other services too), and when I run them "by hand" (even with "sudo -u dovecot ..."), it works. But, when the dovecot runs them, the php runs out of memory. After a lot of debuging, I find out that when the dovecot starts the checkpassword script, it makes a 250kB memory limit. But it is not enough for the php script, it needs 14MB. I tried to put a "ulimit -v 16777216" into the checkpassword.sh, but it doesn't work.Is there some hardcoded limit in the dovecot itself? And if there is, could it be somehow changed?I am using 

a

  simple D
  ebian Wheezy LAMP, and installed everything from repo. Thanks for every idea.


The whole concept sounds quite error-prone. Can't you query the database 
directly?


--
Alex JOST

[Dovecot] imap-login killed with signal 11 in Dovecot 2.2.13 (feea8645c4d7)

2014-06-07 Thread Thomas Leuxner 
Latest 2.2.13 HG feea8645c4d7 seems to unexpectedly kill imap-login sessions:

Jun  7 11:56:10 nihlus dovecot: imap(t...@leuxner.net): Disconnected: Logged 
out in=2203 out=851225
Jun  7 11:56:10 nihlus dovecot: imap(t...@leuxner.net): Disconnected: Logged 
out in=316 out=2417
Jun  7 11:56:10 nihlus dovecot: imap-login: Fatal: master: service(imap-login): 
child 60505 killed with signal 11 (core not dumped - add -D parameter to 
service imap-login { executable }
Jun  7 11:56:10 nihlus dovecot: imap-login: Fatal: master: service(imap-login): 
child 60595 killed with signal 11 (core not dumped - add -D parameter to 
service imap-login { executable }

Adding the -D parameter does not generate a core dump however...


signature.asc
Description: Digital signature