Hello!

I run dovecot for many years now, but today it ran into a bug I've never
seen before. Searching the archives, this bug seems to occur very seldom.

The current server installation & configuration is running since mid
2015, uptime of the server today is more than two months. It is a
virtual machine in a data center, debian 7 / reiserfs, 'dovecot -n'
output below.

Just within normal operation, suddenly my users could no longer check
their IMAP accounts, log shows lots of entries like this:

----------------------- /var/log/mail.log excerpt ---------------------
2017-01-08 08:15:23 dovecot: auth: Error: BUG: Authentication client
sent unknown handshake command:
REQUEST?3484549121?11364?1?74fa603b892f9a262605ae6c2ce1d9a1
2017-01-08 08:15:23 dovecot: imap: Error: Authentication server didn't
send valid SPID as expected: MECH#011PLAIN#011plaintext
2017-01-08 08:15:23 dovecot: imap: Error: Disconnected from auth server,
aborting (client-pid=11364 client-id=1)
2017-01-08 08:15:23 dovecot: imap-login: Internal login failure
(pid=11364 id=1) (internal failure, 1 succesful auths):
user=<USER_NAME>, method=PLAIN, rip=<USER_IP>, lip=85.214.143.57,
mpid=11368, TLS, session=<0oiwA5BFmQBQhoL1>
-----------------------------------------------------------------------

Strangely, sending mails still worked fine (postfix uses dovecot SASL
authentification).

I could not find any hint what might have caused the error in any
logfile. After restarting dovecot everything is back to normal operation.

Is there any other information I can / should provide?

Thanks for your efforts,
Marcus


----------------------- output of 'dovecot -n' ------------------------
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.41-042stab120.16 i686 Debian 7.11
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
protocols = " imap"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl_cert = </correct_path_to/mailbox.endberg.net-chain.cert
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_key = </home/sslcerts/keys/mailbox.endberg.net.key
ssl_protocols = !SSLv2 !SSLv3
userdb {
  driver = passwd
}
-----------------------------------------------------------------------

Reply via email to