I'm having great difficulty debugging this problem.. I'm having
intermittant problems connecting to dovecot. This started a couple of
days ago following an apt-get update on the server.
I'm running Ubuntu 14.04, dovecot 2.2.9. Here's my dovecot -n
---
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.19.0-59-generic x86_64 Ubuntu 14.04.4 LTS
auth_mechanisms = plain login
mail_location = maildir:~/Maildir
namespace inbox {
inbox = yes
location mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix }
passdb {
driver = pam
}
plugin {
sieve_dir = ~/sieve
}
protocols = imap
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
user = $default_internal_user
}
ssl = required
ssl_cert = </etc/dovecot/box.neuralnet.org.uk_crt.pem
ssl_key = </etc/dovecot/box.neuralnet.org.uk_key.pem
ssl_protocols = !SSLv2 !SSLv3
userdb {
driver = passwd
}
---
Pretty standard stuff. In addition disable_plaintext_auth = yes is set
in 10-auth.conf
This showed up in the mail.err after the reboot;
---
May 17 09:04:51 server dovecot: imap-login: Error: read(anvil) failed: EOF
May 17 09:04:51 server dovecot: auth: Error: read(anvil-auth-penalty)
failed: EOF
May 17 09:04:51 server dovecot: auth: Error:
net_connect_unix(anvil-auth-penalty) failed: Permission denied
---
At that point
The following commands were run on the server a few minutes apart with
no changes made in the interim;
---
username at box /etc/dovecot $ doveadm user username
field valueuserdb lookup: user username doesn't exist
username at box /etc/dovecot $ doveadm user username
field value
uid 1000
gid 1000
home /home/username
mail maildir:~/Maildir
system_groups_user username
---
so, passdb wasn't accessible, but now it is ?
Imap logins are showing in mail.log as failing, but thunderbird is
currently connected;
---
May 18 12:00:58 box dovecot: imap-login: Disconnected (auth failed, 3
attempts in 19 secs): user=<username>, method=PLAIN, rip=10.0.0.3,
lip=10.0.0.99, TLS, session=<********>
May 18 12:08:27 box dovecot: imap-login: Disconnected (auth failed, 3
attempts in 20 secs): user=<username>, method=PLAIN, rip=10.0.0.3,
lip=10.0.0.99, TLS, session=<********>
May 18 12:08:50 box dovecot: imap-login: Disconnected (auth failed, 3
attempts in 12 secs): user=<username>, method=PLAIN, rip=10.0.0.3,
lip=10.0.0.99, TLS, session=<********>
---
do I conclude that method=plain is failing, whereas method=login
succeeds ? I tried setting auth_debug_password=yes and get the following;
---
May 18 12:26:42 box dovecot: auth: Debug: client in:
CONT#0111#011A********== (previous base64 data may contain sensitive data)
May 18 12:26:42 box dovecot: auth-worker(12214): Debug: Loading modules
from directory: /usr/lib/dovecot/modules/auth
May 18 12:26:42 box dovecot: auth-worker(12214): Debug:
pam(expert,10.0.0.3): lookup service=dovecot
May 18 12:26:42 box dovecot: auth-worker(12214): Debug:
pam(expert,10.0.0.3): #1/1 style=1 msg=Password:
May 18 12:26:42 box dovecot: auth-worker(12211): pam(username,10.0.0.3):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: ******)
May 18 12:26:44 box dovecot: auth: Debug: client passdb out:
FAIL#0112#011user=username
---
Any assistance debugging this further is greatly recieved! Thanks.