SASL LOGIN : connection to server lost with more than 10 simulatneaous postfix smtps

2014-09-04 Thread Ve (HOME) 

Hi All,

I have a problem with SASL authentification from postfix when more than 
10 mails is sent from the same user simultaneously
Postfix abort connection (  Connection lost to authentication server ). 
Dovecot log after the postfix error an error about

connection lost also ( read EOF )

I don't seem to find a parameter for a maximum of connection for the 
auth process ( ther's one for imap, pop, .. ) but none for auth.


Do you have an idea of a way to solve this problem or to have better 
information ?


result of Docecot -n


# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.15.6-gentoo--std-ipv6-64 x86_64 Gentoo Base System 
release 2.2

auth_default_realm = aprogsys.com
auth_mechanisms = plain login
auth_username_format = %Ln
dict {
  acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u
first_valid_uid = 1001
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_access_groups = dovecot
mail_location = mdbox:~/mdbox
mail_plugins =  acl notify replication
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave duplicate

namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  separator = /
}
passdb {
  args = *
  driver = pam
}
plugin {
  acl = vfile
  acl_anyone = allow
  acl_shared_dict = proxy::acl
  antispam_backend = DSPAM
  antispam_debug_target = syslog
  antispam_dspam_args = --source=error;--signature=%%s;--user;%n
  antispam_dspam_binary = /usr/bin/dspam
  antispam_signature = X-DSPAM-Signature
  antispam_spam = SPAM
  antispam_trash = Trash
  antispam_verbose_debug = 1
  mail_replica = remote:root@192.168.1.7
  replication_dsync_parameters = -d -U
  sieve = ~/.dovecot.sieve
  sieve_before = /var/lib/dovecot/sieve
  sieve_default = /var/lib/dovecot/sieve/spam.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
replication_max_conns = 2
service aggregator {
  fifo_listener replication-notify-fifo {
mode = 0666
  }
  unix_listener replication-notify {
mode = 0666
  }
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
  unix_listener auth-userdb {
mode = 0777
  }
  user = root
}
service dict {
  unix_listener dict {
mode = 0666
  }
}
service imap-login {
  process_min_avail = 4
  service_count = 0
  vsz_limit = 256 M
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  inet_listener sieve_deprecated {
port = 2000
  }
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
mode = 0666
  }
}
ssl_cert = /etc/ssl/dovecot/server.pem
ssl_key = /etc/ssl/dovecot/server.pem
userdb {
  driver = passwd
}
protocol lda {
  mail_plugins =  acl notify replication sieve
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep 
tb-lsub-flags

  mail_max_userip_connections = 40
  mail_plugins =  acl notify replication antispam imap_acl
}

Re: SASL LOGIN : connection to server lost with more than 10 simulatneaous postfix smtps

2014-09-04 Thread LuKreme 
On 04 Sep 2014, at 03:12 , Ve (HOME) v...@vetienne.net wrote:
 Postfix abort connection

That sounds like postfix is rate limiting.

-- 
If I were willing to change my morals for convenience or financial
gain, we wouldn't be arguing, because I'd already *be* a Republican.
-- Wil Shipley

Re: SASL LOGIN : connection to server lost with more than 10 simulatneaous postfix smtps

2014-09-04 Thread Vincent ETIENNE 


Le 04/09/2014 18:34, LuKreme a écrit :
 On 04 Sep 2014, at 03:12 , Ve (HOME) v...@vetienne.net wrote:
 Postfix abort connection
 That sounds like postfix is rate limiting.

Maybe but the message log doesn't look like rate limiting
here is an example


Sep  2 16:01:05 ns3 postfix/smtpd[32576]: connect from
ns206843.ip-94-23-193.eu[94.23.193.183]
Sep  2 16:01:06 ns3 postfix/smtpd[32443]: connect from
LAubervilliers-656-01-128-94.w80-11.abo.wanadoo.fr[80.11.5.94]
Sep  2 16:01:06 ns3 postfix/smtpd[31906]: connect from
unknown[123.21.205.191]
Sep  2 16:01:09 ns3 postfix/smtpd[32600]: connect from
ns206843.ip-94-23-193.eu[94.23.193.183]
Sep  2 16:01:15 ns3 postfix/smtpd[32576]: warning:
ns206843.ip-94-23-193.eu[94.23.193.183]: SASL LOGIN authentication
failed: Connection lost to authentication server
Sep  2 16:01:15 ns3 postfix/smtpd[32576]: disconnect from
ns206843.ip-94-23-193.eu[94.23.193.183]
Sep  2 16:01:15 ns3 postfix/smtpd[32576]: connect from
ns206843.ip-94-23-193.eu[94.23.193.183]
Sep  2 16:01:15 ns3 dovecot: auth: Warning: auth client 0 disconnected
with 1 pending requests: EOF


What is strange ( at least for me ) is the 10 second delay between the
connect and the warning and that postfix log a connection lost.
And i have process_limt configured ( so 100 connection by default i think)

But will try to have more information


Vincent