Steffen Kaiser
2016-Apr-07 13:02 UTC
Fwd: Intermittent IMAP Login failures - about 25% fail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Apr 2016, Mobile Phone wrote:> New server & just added three domains: > now I see > "dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): > user=<username.companyname>, method=PLAIN, rip=1.1.1.1, lip=99.99.99.99, > TLS, session=<kw6Y2NYviQBex5Un>" > Plus all Outlook users keep being bounced and finally get in.Did you tried to enable auth debug? http://wiki2.dovecot.org/Debugging/Authentication - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVwZad3z1H7kL/d9rAQLDGwf/RS54zzxS4P6XxBmwPL2b3iA2YD5a9dHL +jTs6s5zS0leX8PWcrjES9BoU8pRBRm4IRqJFI5eZeWmhSVvHSe5iAEZ0n8k+MGc yunHljQLvsNg5EJtxiOf7TLw9k7lJuilKb5WR1aC5gBO0NscxWUIhXHy1uSGOGv8 xtzZPSvmZJcjQWqtVl7NklUy8+jRj42uwtS3Q3G2OhyBR45vpsPQBkeNsYHaITdF Q+LE6lAaVFuxCoX7d4XQyt+craNq0mNEl3A6DBb41YY6bK+QdXt9ciG1iOAF1aR1 zPRlII0Vt1USX9Jw+B24/f6zfFv5yQ6q/k35o9YO0taot5swtnJBOA==2aRu -----END PGP SIGNATURE-----
Yes, I had as soon as I saw strange results. The fault is still intermittent and affecting all clients. auth.log: Apr 7 15:05:27 brazil auth: message repeated 10 times: [ pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=prtg.08dir rhost=91.91.91.91 user=prtg.08dir] mail.log: Apr 7 15:05:01 brazil dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<prtg.08dir>, method=PLAIN, rip=99.99.99.99, lip=91.91.91.91, TLS, session=<sYQ7kOUvjQBex5Un> Apr 7 15:05:02 brazil postfix/smtpd[13968]: connect from unknown[91.91.19.91] Apr 7 15:05:02 brazil postfix/smtpd[13968]: disconnect from unknown[91.91.19.91] Apr 7 15:05:27 brazil dovecot: auth: Debug: auth client connected (pid=14880) Apr 7 15:05:27 brazil dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=AY8JkxUvzQBex5Un#011lip=99.99.99.99#011rip=91.91.19.91#011lport=143#011rport=59085#011resp=AHBydGcuMDhkaXJlY3QAV2VmdWNraW5IYXRlU3BhbQ=(previous base64 data may contain sensitive data) Apr 7 15:05:27 brazil dovecot: auth-worker(13031): Debug: pam(prtg.08dir,91.91.19.91): lookup service=dovecot Apr 7 15:05:27 brazil dovecot: auth-worker(13031): Debug: pam(prtg.08dir,91.91.19.91): #1/1 style=1 msg=Password: Apr 7 15:05:29 brazil dovecot: auth-worker(13031): pam(prtg.08dir,91.91.19.91): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: YesThisWasTheCorrectPassword) Apr 7 15:05:31 brazil dovecot: auth: Debug: client passdb out: FAIL#0111#011user=prtg.08dir Apr 7 15:05:31 brazil dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<prtg.08dir>, method=PLAIN, rip=91.91.19.91, lip=99.99.99.99, TLS, session=<AY8JkuUvzQBex5Un> syslog: root at brazil:/var/log# cat syslog|grep "Apr 7 15:05"|more Apr 7 15:05:01 brazil dovecot: auth: Debug: client passdb out: FAIL#0111#011user=prtg.08dir Apr 7 15:05:01 brazil dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<prtg.08dir>, method=PLAIN, rip=91.91.91.91, lip=99.99.99.99, TLS, session=<sYQ7kOUvjQBex5Un> Apr 7 15:05:02 brazil postfix/smtpd[13968]: connect from unknown[91.91.91.91] Apr 7 15:05:02 brazil postfix/smtpd[13968]: disconnect from unknown[91.91.91.91] Apr 7 15:05:27 brazil dovecot: auth: Debug: auth client connected (pid=14880) Apr 7 15:05:27 brazil dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=AY8JkuUvzQBex5Un#011lip=99.99.99.99#011rip=91.91.91.91#011lport=143#011rport=59085#011resp=AHBydGcuMDhkaXJlY3QAV2VmdWNraW5IYXRlU3BhbQ=(previous base64 data may contain sensitive data) Apr 7 15:05:27 brazil dovecot: auth-worker(13031): Debug: pam(prtg.08dir,91.91.91.91): lookup service=dovecot Apr 7 15:05:27 brazil dovecot: auth-worker(13031): Debug: pam(prtg.08dir,91.91.91.91): #1/1 style=1 msg=Password: Apr 7 15:05:29 brazil dovecot: auth-worker(13031): pam(prtg.08dir,91.91.91.91): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: YesThisWasTheCorrectPassword) Apr 7 15:05:31 brazil dovecot: auth: Debug: client passdb out: FAIL#0111#011user=prtg.08dir Apr 7 15:05:31 brazil dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<prtg.08dir>, method=PLAIN, rip=91.91.91.91, lip=99.99.99.99, TLS, session=<AY8JkuUvzQBex5Un> Apr 7 15:05:33 brazil dovecot: auth: Debug: auth client connected (pid=14881) Why it this bouncing 25% + of IMAP AUTH LOGINs? On 7 April 2016 at 14:02, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 7 Apr 2016, Mobile Phone wrote: > > New server & just added three domains: >> now I see >> "dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): >> user=<username.companyname>, method=PLAIN, rip=1.1.1.1, lip=99.99.99.99, >> TLS, session=<kw6Y2NYviQBex5Un>" >> Plus all Outlook users keep being bounced and finally get in. >> > > Did you tried to enable auth debug? > > http://wiki2.dovecot.org/Debugging/Authentication > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVwZad3z1H7kL/d9rAQLDGwf/RS54zzxS4P6XxBmwPL2b3iA2YD5a9dHL > +jTs6s5zS0leX8PWcrjES9BoU8pRBRm4IRqJFI5eZeWmhSVvHSe5iAEZ0n8k+MGc > yunHljQLvsNg5EJtxiOf7TLw9k7lJuilKb5WR1aC5gBO0NscxWUIhXHy1uSGOGv8 > xtzZPSvmZJcjQWqtVl7NklUy8+jRj42uwtS3Q3G2OhyBR45vpsPQBkeNsYHaITdF > Q+LE6lAaVFuxCoX7d4XQyt+craNq0mNEl3A6DBb41YY6bK+QdXt9ciG1iOAF1aR1 > zPRlII0Vt1USX9Jw+B24/f6zfFv5yQ6q/k35o9YO0taot5swtnJBOA=> =2aRu > -----END PGP SIGNATURE----- > >
On 07 Apr 2016, at 19:02, Mobile Phone <cell at eceb.co.uk> wrote:> > pam(prtg.08dir,91.91.91.91): pam_authenticate() failed: Authentication > failure (password mismatch?) (given password: YesThisWasTheCorrectPassword)..> Why it this bouncing 25% + of IMAP AUTH LOGINs?PAM said that login wasn't allowed. PAM can have all kinds of plugins that can do all kinds of things. Maybe you have enabled some PAM plugin that denies the user's access even if the password is correct. Unfortunately there's no way to enable debugging for PAM. Try simplifying your PAM setup, or if you can't figure out anything else switch to passdb shadow.