Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On 21.3.2012, at 13.55, Charles Marcus wrote: > On 2012-03-21 7:48 AM, Timo Sirainen wrote: >> On 19.3.2012, at 21.16, Alex Ha wrote: >> dovecot: auth: Error: BUG: Authentication client gave a PID >> 7542 of existing connection > > Oh, right, PIDs of course aren't unique when you're using > mulitiple servers. Try if the attached patch fixes your > troubles. If it does, I'll commit it to hg. > Thanks Timo! I will try the patch and report to you. > >>> I tried the patch with 2.0.19 and the dovecot error messages >>> disappeared. > >> OK, it's going to be included in v2.1.3 and v2.0.20 (if that ever >> gets released). > > Presumably you mean 2.1.4 (since 2.1.3 is already released)? Ah, yes. :)
Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On 2012-03-21 7:48 AM, Timo Sirainen wrote: On 19.3.2012, at 21.16, Alex Ha wrote: dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of existing connection Oh, right, PIDs of course aren't unique when you're using mulitiple servers. Try if the attached patch fixes your troubles. If it does, I'll commit it to hg. Thanks Timo! I will try the patch and report to you. I tried the patch with 2.0.19 and the dovecot error messages disappeared. OK, it's going to be included in v2.1.3 and v2.0.20 (if that ever gets released). Presumably you mean 2.1.4 (since 2.1.3 is already released)? -- Best regards, Charles
Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On 19.3.2012, at 21.16, Alex Ha wrote: dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of existing connection >>> >>> Oh, right, PIDs of course aren't unique when you're using multiple servers. >>> Try if the attached patch fixes your troubles. If it does, I'll commit it >>> to hg. >>> >> >> Thanks Timo! I will try the patch and report to you. >> > > Hi Timo! > > I tried the patch with 2.0.19 and the dovecot error messages disappeared. OK, it's going to be included in v2.1.3 and v2.0.20 (if that ever gets released). > I still get a lot of this postfix warnings: > > SASL LOGIN authentication failed: Connection lost to authentication server > > but only for ips which tried a sasl brute force attack. > > "Connection lost to authentication server" could this be because of > the dovecot auth penalties? > so far i did not get any complaints from users. The auth penalties wait for max. 17 seconds I think. Looks like Postfix has a timeout of 10 seconds. You could disable auth penalties, or perhaps Postfix should use 20 second limit.
Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On Fri, Mar 16, 2012 at 9:39 PM, Alex Ha wrote: > On Fri, Mar 16, 2012 at 9:14 PM, Timo Sirainen wrote: >> On 16.3.2012, at 22.00, Alex Ha wrote: >> >>> dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of >>> existing connection >> >> Oh, right, PIDs of course aren't unique when you're using multiple servers. >> Try if the attached patch fixes your troubles. If it does, I'll commit it to >> hg. >> > > Thanks Timo! I will try the patch and report to you. > Hi Timo! I tried the patch with 2.0.19 and the dovecot error messages disappeared. I still get a lot of this postfix warnings: SASL LOGIN authentication failed: Connection lost to authentication server but only for ips which tried a sasl brute force attack. "Connection lost to authentication server" could this be because of the dovecot auth penalties? so far i did not get any complaints from users. Thanks for your help! Alex
Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On Fri, Mar 16, 2012 at 9:14 PM, Timo Sirainen wrote: > On 16.3.2012, at 22.00, Alex Ha wrote: > >> dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of >> existing connection > > Oh, right, PIDs of course aren't unique when you're using multiple servers. > Try if the attached patch fixes your troubles. If it does, I'll commit it to > hg. > Thanks Timo! I will try the patch and report to you. Alex
Re: [Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
On 16.3.2012, at 22.00, Alex Ha wrote: > dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of > existing connection Oh, right, PIDs of course aren't unique when you're using multiple servers. Try if the attached patch fixes your troubles. If it does, I'll commit it to hg. tcp-auth.diff Description: Binary data
[Dovecot] auth tcp socket, Authentication client gave a PID 7542 of existing connection
Hi Dovecot-list! My setup consists of a dovecot server with lmtp delivery and 3 postfix mta servers in front. Previously the mtas authenticated (SASL) through the courier-authdaemond software to our mysql database. To get support for more password formats i migrated to dovecot for SASL authentification. Our postfix mtas connect to dovecot through a tcp-socket smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = inet:10.11.100.230:12345 smtpd_sasl_security_options = noanonymous smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = broken_sasl_auth_clients = yes 10.11.100.230 is our dovecot server. Please look at the attached doveconf.log to see my auth service configuration. I did the configuration according to the postfix SASL README. http://www.postfix.org/SASL_README.html#server_dovecot I tested the setup and everything worked fine but after 2 days i noticed these error messages in my mail.log: dovecot: auth: Error: BUG: Authentication client gave a PID 7542 of existing connection and also these messages from postfix: SASL LOGIN authentication failed: Connection lost to authentication server I get the dovecot error message about 3000 times a day and postfix message about 270 times. Please see my attached mail.log for a detailed trace. Thank you for your help :) Alex doveconf.log Description: Binary data mail.log Description: Binary data
