1 Topic by rajahutan (edited by rajahutan 2017-02-05 09:29:06)

  • rajahutan
  • Member
  • Offline
  • Registered: 2016-03-11
  • Posts: 8

Topic: Dovecot-auth problem

Hii all,

Iam facing a problem with my iredmail : 0.8.6 and using ubuntu 12.04 and LDAP backend

every three or two days at this week dovecot service suddenly stop
email (pop3 / imap) stop responding, so i need to start manually

when i check to mail.log :

Feb 5 07:12:22 colo postfix/smtpd[6996]: warning: SASL: Connect to dovecot-auth failed: Connection refused
Feb 5 07:12:22 colo  postfix/smtpd[6996]: fatal: no SASL authentication mechanisms
Feb 5 07:12:22 colo postfix/master[454]: warning: process /usr/lib/postfix/smtpd pid 6983 exit status 1
Feb 5 07:12:22 colo postfix/master[454]: warning: process /usr/lib/postfix/smtpd pid 6985 exit status 1

this is my main.cf (part of : dovecot auth config )
I-------
167 dovecot_destination_recipient_limit = 1
168 smtpd_sasl_type = dovecot
169 smtpd_sasl_path = ./dovecot-auth
170 content_filter = smtp-amavis:[xxx.xxx.xxx.xxx]:10051
-------
using that configuration work normally over a years, and start problem since 2 weeks a go, dovecot always stop every  3 days, and then 2 days and now every day ..

should i change line 169 to : smtpd_sasl_path = /private/dovecot-auth ?

or maybe any other way ?

please help
thanks

PS :

log from mail.err

root@colo:/var/log# tail f /var/log/mail.err.1
tail: cannot open `f' for reading: No such file or directory
==> /var/log/mail.err.1 <==
Feb  5 06:39:04 colo postfix/smtpd[5120]: fatal: no SASL authentication mechanisms
Feb  5 06:39:04 colo postfix/smtpd[5124]: fatal: no SASL authentication mechanisms
Feb  5 06:39:04 colo postfix/smtpd[5125]: fatal: no SASL authentication mechanisms
Feb  5 06:39:08 colo postfix/smtpd[5112]: fatal: no SASL authentication mechanisms
Feb  5 06:39:14 colo postfix/smtpd[5118]: fatal: no SASL authentication mechanisms
Feb  5 06:39:14 colo postfix/smtpd[5122]: fatal: no SASL authentication mechanisms
Feb  5 06:39:14 colo postfix/smtpd[5126]: fatal: no SASL authentication mechanisms
Feb  5 06:39:19 colo postfix/smtpd[5115]: fatal: no SASL authentication mechanisms
Feb  5 06:39:19 colo postfix/smtpd[5116]: fatal: no SASL authentication mechanisms
Feb  5 06:39:19 colo postfix/smtpd[5121]: fatal: no SASL authentication mechanisms

thanks guys
iredmail  fans - indonesia
----

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Dovecot-auth problem

rajahutan wrote:

should i change line 169 to : smtpd_sasl_path = /private/dovecot-auth ?

It's relative path under /var/spool/postfix/. In iRedMail-0.8.6, i suppose it's "./dovecot-auth". You can do a quick check.

rajahutan wrote:

Feb  5 06:39:04 colo postfix/smtpd[5120]: fatal: no SASL authentication mechanisms

Did you upgrade Postfix or Dovecot 2 weeks ago? Any other changes 2 weeks ago?

3 Reply by rajahutan (edited by rajahutan 2017-02-05 11:33:01)

  • rajahutan
  • Member
  • Offline
  • Registered: 2016-03-11
  • Posts: 8

Re: Dovecot-auth problem

It's relative path under /var/spool/postfix/. In iRedMail-0.8.6, i suppose it's "./dovecot-auth". You can do a quick check.

- Dear ZHB
OK and thank you, so i think no need to change that path

when i check to dovecot.log with tail -f always show a log

Feb  5 10:12:27 colo postfix/smtpd[14913]: disconnect from unknown[37.xxx.xxx.xxx          ]
Feb  5 10:12:30 colo postfix/smtpd[15409]: connect from unknown[37.xxx.xxx.xxx]
Feb  5 10:12:41 colo postfix/smtpd[15409]: warning: unknown[37.xxx.xxx.xxx]: SASL           LOGIN authentication failed: UGFzc3dvcmQ6
Feb  5 10:12:41 colo postfix/smtpd[15409]: lost connection after AUTH from unkno          wn[37.37.xxx.xxx.xxx]
Feb  5 10:12:41 colo postfix/smtpd[15409]: disconnect from unknown[37.37.xxx.xxx.xxx          ]
Feb  5 10:12:42 colo postfix/smtpd[14913]: connect from unknown[37.xxx.xxx.xxx]
Feb  5 10:12:52 colo postfix/smtpd[14913]: warning: unknown[37.xxx.xxx.xxx]: SASL LOGIN authentication failed: Connection lost to authentication server
Feb  5 10:12:52 colo postfix/smtpd[14913]: lost connection after AUTH from unknown[37.37.xxx.xxx.xxx]
Feb  5 10:12:52 colo postfix/smtpd[14913]: disconnect from unknown[37.xxx.xxx.xxx]
Feb  5 10:13:03 colo postfix/smtpd[15409]: connect from unknown[37.xxx.xxx.xxx]

The IP address alway changes, and requests are coming in from all over the world. It it more likely a break in attempt or something ?
or just IMAP client tries to connect to a Dovecot server using the SASL LOGIN protocol,
then asked password ?
can i safely ignore this message ?

Did you upgrade Postfix or Dovecot 2 weeks ago? Any other changes 2 weeks ago?

there is no change on postfix / dovecot .. only change main.CF (add some public IP to mynetworks.

thanks

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Dovecot-auth problem

rajahutan wrote:

The IP address alway changes, and requests are coming in from all over the world. It it more likely a break in attempt or something ?

it's spammers trying to guess the password. Fail2ban can ban these spammers effectively.

rajahutan wrote:

there is no change on postfix / dovecot .. only change main.CF (add some public IP to mynetworks.

No idea.

Try to restart Postfix service and check its log file IMMEDIATELY to see whether it reports any error/warning after restarted.

5 Reply by rajahutan

  • rajahutan
  • Member
  • Offline
  • Registered: 2016-03-11
  • Posts: 8

Re: Dovecot-auth problem

ZhangHuangbin wrote:
rajahutan wrote:

The IP address alway changes, and requests are coming in from all over the world. It it more likely a break in attempt or something ?

it's spammers trying to guess the password. Fail2ban can ban these spammers effectively.

rajahutan wrote:

there is no change on postfix / dovecot .. only change main.CF (add some public IP to mynetworks.

No idea.

Try to restart Postfix service and check its log file IMMEDIATELY to see whether it reports any error/warning after restarted.

Hello Zang, thank you

in dovecot log : there is no error, dovecot suddenly stop and when checking mail log showing :
postfix/smtpd[5120]: fatal: no SASL authentication mechanisms
postfix/smtpd[5120]: fatal: no SASL authentication mechanisms

until now I need to start manually dovecot

i'm using shared DNS (google) for our mail server, because DNS at our ISP always overload , so for a while they give access to shared DNS.

is this save ?

6 Reply by mir

  • mir
  • Member
  • Offline
  • Registered: 2014-05-30
  • Posts: 170

Re: Dovecot-auth problem

You should upgrade both server OS and Iredmail. Ubuntu 12.04 reaches EOL in 3 weeks. https://lists.ubuntu.com/archives/ubunt … 00218.html

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Dovecot-auth problem

rajahutan wrote:

until now I need to start manually dovecot

You must figure out why Dovecot stopped suddenly, make it running stable.

It's ok to use a public DNS like Google DNS servers, the concern is performance. Using a local DNS server (in LAN or on localhost) is the best solution.

8 Reply by rajahutan

  • rajahutan
  • Member
  • Offline
  • Registered: 2016-03-11
  • Posts: 8

Re: Dovecot-auth problem

ZhangHuangbin wrote:
rajahutan wrote:

until now I need to start manually dovecot

You must figure out why Dovecot stopped suddenly, make it running stable.

It's ok to use a public DNS like Google DNS servers, the concern is performance. Using a local DNS server (in LAN or on localhost) is the best solution.

Ok Zhang, thanks
the problem occured, because running out of storage
there is a cron job every midnight to backup config,some vmail folder and then delete the oldest

dovecot stop when backup progress take a all space, so i have to running dovecot service manually.
then we modified cron job and its seems normal 
[Solved]