thr3ads.net - dovecot - Dovecot auth-worker error after cram-md5 auth [Feb 2017]

If this information is useful, please help other people find it:
Share via:

Poliman - Serwis

2017-Feb-01 11:16 UTC

Dovecot auth-worker error after cram-md5 auth

Is there any strange thing in these config lines?

2017-02-01 9:40 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
> doveadm log errors can be helpful too
>
>
> On 01.02.2017 10:25, Poliman - Serwis wrote:
> > I can check each logs, I have root privileges.
> >
> > 2017-02-01 9:04 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
> >
> >> Can you check your logs?
> >>
> >> Aki
> >>
> >>
> >> On 01.02.2017 10:02, Poliman - Serwis wrote:
> >>> When I used backup copy of the dovecot.conf file I have this
same
> error.
> >> So
> >>> I think that maybe something was written to database? I really
would
> >> point
> >>> out that I only added
> >>> passdb {
> >>>   driver = passwd-file
> >>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> >>> }
> >>>
> >>> and comment out from above block default lines
> >>>   #args = /etc/dovecot/dovecot-sql.conf
> >>>   #driver = sql
> >>>
> >>> And in auth_mechanisms add line cram-md5. Nothing more in any
other
> file.
> >>>
> >>> I don't want to use cram-md5. I need move back to default
settings.
> >>> Cram-md5 was only for testing purposes. :) But I supposed that
I can
> move
> >>> back to default by commenting out added lines. But
unfortunately it
> isn't
> >>> that simple.
> >>>
> >>> 2017-02-01 8:59 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
> >>>
> >>>> Are you still trying to authenticate using cram-md5?
> >>>>
> >>>> Aki
> >>>>
> >>>>
> >>>> On 01.02.2017 09:51, Poliman - Serwis wrote:
> >>>>> It still use:
> >>>>> passdb {
> >>>>>   driver = passwd-file
> >>>>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> >>>>> }
> >>>>>
> >>>>> When I delete above and delete "cram-md5" in
auth_mechanisms it still
> >> not
> >>>>> working.
> >>>>>
> >>>>> 2017-02-01 8:45 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
> >>>>>
> >>>>>> You are probably wanting to do
> >>>>>> passdb {
> >>>>>>   driver = passwd-file
> >>>>>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> >>>>>> }
> >>>>>>
> >>>>>> passdb {
> >>>>>>   driver = sql
> >>>>>>   args = /etc/dovecot/dovecot-sql.conf
> >>>>>> }
> >>>>>>
> >>>>>> Why you want to use cram-md5 is beyond me, because
using SSL is much
> >>>>>> more safer.
> >>>>>>
> >>>>>> Aki
> >>>>>>
> >>>>>> On 01.02.2017 09:41, Poliman - Serwis wrote:
> >>>>>>> Default it was: "auth_mechanisms = plain
login"  and I added
> >> cram-md5.
> >>>>>>> After restart all work perfectly. But after I
added:
> >>>>>>>    driver = passwd-file
> >>>>>>>    args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
> >>>>>>> I can't set default lines because I got
error. Please tell me which
> >>>> lines
> >>>>>>> should be changed to resolve this issue.
Should I remove "login"
> from
> >>>>>>> auth_mechanism ("login" was default
setting and I would like to
> move
> >>>> back
> >>>>>>> to default settings)?
> >>>>>>>
> >>>>>>> 2017-02-01 8:36 GMT+01:00 Aki Tuomi
<aki.tuomi at dovecot.fi>:
> >>>>>>>
> >>>>>>>> Because cram-md5 needs the user's
password for calculating
> >> responses,
> >>>> it
> >>>>>>>> cannot work with hashed passwords (one-way
encrypted). The only
> >>>>>>>> supported password schemes are PLAIN and
CRAM-MD5.
> >>>>>>>>
> >>>>>>>> Aki
> >>>>>>>>
> >>>>>>>> On 01.02.2017 09:33, Poliman - Serwis
wrote:
> >>>>>>>>> I always restart dovecot after change
config. ;) Sure, I
> commented
> >>>> out
> >>>>>>>>> added two lines by me, restarted
dovecot and here it is:
> >>>>>>>>>
> >>>>>>>>> # 2.2.9: /etc/dovecot/dovecot.conf
> >>>>>>>>> # OS: Linux 3.13.0-100-generic x86_64
Ubuntu 14.04.5 LTS
> >>>>>>>>> auth_mechanisms = plain login cram-md5
> >>>>>>>>> listen = *,[::]
> >>>>>>>>> log_timestamp = "%Y-%m-%d
%H:%M:%S "
> >>>>>>>>> mail_max_userip_connections = 100
> >>>>>>>>> mail_plugins = " quota"
> >>>>>>>>> mail_privileged_group = vmail
> >>>>>>>>> passdb {
> >>>>>>>>>   args = /etc/dovecot/dovecot-sql.conf
> >>>>>>>>>   driver = sql
> >>>>>>>>> }
> >>>>>>>>> plugin {
> >>>>>>>>>   quota =
dict:user::file:/var/vmail/%d/%n/.quotausage
> >>>>>>>>>   sieve = /var/vmail/%d/%n/.sieve
> >>>>>>>>>   sieve_max_redirects = 25
> >>>>>>>>> }
> >>>>>>>>> postmaster_address = postmaster at
example.com
> >>>>>>>>> protocols = imap pop3
> >>>>>>>>> service auth {
> >>>>>>>>>   unix_listener
/var/spool/postfix/private/auth {
> >>>>>>>>>     group = postfix
> >>>>>>>>>     mode = 0660
> >>>>>>>>>     user = postfix
> >>>>>>>>>   }
> >>>>>>>>>   unix_listener auth-userdb {
> >>>>>>>>>     group = vmail
> >>>>>>>>>     mode = 0600
> >>>>>>>>>     user = vmail
> >>>>>>>>>   }
> >>>>>>>>>   user = root
> >>>>>>>>> }
> >>>>>>>>> service imap-login {
> >>>>>>>>>   client_limit = 1000
> >>>>>>>>>   process_limit = 512
> >>>>>>>>> }
> >>>>>>>>> service lmtp {
> >>>>>>>>>   unix_listener
/var/spool/postfix/private/dovecot-lmtp {
> >>>>>>>>>     group = postfix
> >>>>>>>>>     mode = 0600
> >>>>>>>>>     user = postfix
> >>>>>>>>>   }
> >>>>>>>>> }
> >>>>>>>>> ssl = required
> >>>>>>>>> ssl_cert = </etc/postfix/smtpd.cert
> >>>>>>>>> ssl_cipher_list >
>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
> >>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
> >>>>>>>>
DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+
> >>>>>>>>
AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-
> >>>>>>>>
SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-
> >>>>>>>>
RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-
> >>>>>>>>
AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-
> >>>>>>>>
RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:
> >>>>>>>>
DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:
> >>>>>>>>
AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-
> >>>>>>>>
SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
> >>>>>>>>
EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!
> >>>>>>>> EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
> >>>>>>>>> ssl_dh_parameters_length = 2048
> >>>>>>>>> ssl_key = </etc/postfix/smtpd.key
> >>>>>>>>> ssl_prefer_server_ciphers = yes
> >>>>>>>>> ssl_protocols = !SSLv2 !SSLv3 !TLSv1
!TLSv1.1
> >>>>>>>>> userdb {
> >>>>>>>>>   driver = prefetch
> >>>>>>>>> }
> >>>>>>>>> userdb {
> >>>>>>>>>   args = /etc/dovecot/dovecot-sql.conf
> >>>>>>>>>   driver = sql
> >>>>>>>>> }
> >>>>>>>>> protocol imap {
> >>>>>>>>>   mail_plugins = quota imap_quota
> >>>>>>>>> }
> >>>>>>>>> protocol pop3 {
> >>>>>>>>>   mail_plugins = quota
> >>>>>>>>>   pop3_uidl_format = %08Xu%08Xv
> >>>>>>>>> }
> >>>>>>>>> protocol lda {
> >>>>>>>>>   mail_plugins = sieve quota
> >>>>>>>>>   postmaster_address = webmaster at
localhost
> >>>>>>>>> }
> >>>>>>>>> protocol lmtp {
> >>>>>>>>>   mail_plugins = quota sieve
> >>>>>>>>>   postmaster_address = webmaster at
localhost
> >>>>>>>>> }
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> 2017-02-01 8:27 GMT+01:00 Aki Tuomi
<aki.tuomi at dovecot.fi>:
> >>>>>>>>>
> >>>>>>>>>> On 01.02.2017 08:18, Poliman -
Serwis wrote:
> >>>>>>>>>>> This is debug log files in
syslog:
> >>>>>>>>>>> Feb  1 07:10:25 vps342401
dovecot: auth: Debug: client passdb
> >> out:
> >>>>>>>>>>>
CONT#0112#011PDAxODg3ODIzMTUwMzgxNzMuMTQ
> >>>>>> 4NTkyOTQyNUB2cHMzNDI0MDEub3ZoL
> >>>>>>>>>> m5ldD4>
>>>>>>>>>>> Feb  1 07:10:26 vps342401 dovecot:
auth: Debug: client in:
> >>>>>> CONT<hidden>
> >>>>>>>>>>> Feb  1 07:10:26 vps342401
dovecot: auth-worker(27069): Debug:
> >> sql(
> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT email
> as
> >>>>>> user,
> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format, ':',
> >>>>>> maildir,
> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format)) as
> >>>>>>>>>> userdb_mail,
> >>>>>>>>>>> uid as userdb_uid, gid as
userdb_gid, CONCAT('*:storage=',
> quota,
> >>>>>> 'B')
> >>>>>>>> AS
> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
> >> FROM
> >>>>>>>>>>> mail_user WHERE (login =
'do_not_reply at example.com' OR email
> = '
> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
> >> server_id > >>>>>> '1'
> >>>>>>>>>>> Feb  1 07:10:26 vps342401
dovecot: auth-worker(27069):
> password(
> >>>>>>>>>>> do_not_reply at example.com,
12.173.211.32): Requested CRAM-MD5
> >>>> scheme,
> >>>>>>>>>> but we
> >>>>>>>>>>> have only CRYPT
> >>>>>>>>>>> Feb  1 07:10:28 vps342401
dovecot: auth: Debug: client passdb
> >> out:
> >>>>>>>>>>> FAIL#0112#011user=do_not_reply
at example.com
> >>>>>>>>>>> Feb  1 07:10:28 vps342401
postfix/smtps/smtpd[27067]: warning:
> >>>>>>>>>>>
host23131.internet.3s.com[12.173.211.32]: SASL CRAM-MD5
> >>>>>> authentication
> >>>>>>>>>>> failed:
PDAxODg3ODIzMTUwMzgxNzMuMTQ4NT
> >>>> kyOTQyNUB2cHMzNDI0MDEub3ZoLm5l
> >>>>>>>> dD4>
>>>>>>>>>>> Feb  1 07:11:02 vps342401
CRON[27074]: (root) CMD
> >>>>>>>>>>>
(/usr/local/ispconfig/server/server.sh 2>&1 | while read line;
> >> do
> >>>>>> echo
> >>>>>>>>>>> `/bin/date` "$line"
>> /var/log/ispconfig/cron.log; done)
> >>>>>>>>>>> Feb  1 07:11:02 vps342401
CRON[27075]: (root) CMD
> >>>>>>>>>>>
(/usr/local/ispconfig/server/cron.sh 2>&1 | while read line;
> do
> >>>> echo
> >>>>>>>>>>> `/bin/date` "$line"
>> /var/log/ispconfig/cron.log; done)
> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth: Debug: client in:
> >>>>>>>>>>>
AUTH#0113#011CRAM-MD5#011service=smtp#011nologin#
> >>>>>>>>>>
011lip=173.72.31.7#011rip=12.173.211.32#011secured
> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth: Debug: client passdb
> >> out:
> >>>>>>>>>>>
CONT#0113#011PDE3NDg1NjE4MTgxNTk2OTAuMTQ
> >>>>>> 4NTkyOTQ3MUB2cHMzNDI0MDEub3ZoL
> >>>>>>>>>> m5ldD4>
>>>>>>>>>>> Feb  1 07:11:11 vps342401 dovecot:
auth: Debug: client in:
> >>>>>> CONT<hidden>
> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth-worker(27069): Debug:
> >> sql(
> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT email
> as
> >>>>>> user,
> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format, ':',
> >>>>>> maildir,
> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format)) as
> >>>>>>>>>> userdb_mail,
> >>>>>>>>>>> uid as userdb_uid, gid as
userdb_gid, CONCAT('*:storage=',
> quota,
> >>>>>> 'B')
> >>>>>>>> AS
> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
> >> FROM
> >>>>>>>>>>> mail_user WHERE (login =
'do_not_reply at example.com' OR email
> = '
> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
> >> server_id > >>>>>> '1'
> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth-worker(27069):
> password(
> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): Requested CRAM-MD5
> >>>> scheme,
> >>>>>>>> but
> >>>>>>>>>> we
> >>>>>>>>>>> have only CRYPT
> >>>>>>>>>>> Feb  1 07:11:13 vps342401
dovecot: auth: Debug: client passdb
> >> out:
> >>>>>>>>>>> FAIL#0113#011user=do_not_reply
at example.com
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> #####################
> >>>>>>>>>>> I added in dovecot.conf lines
in passdb block:
> >>>>>>>>>>>    driver = passwd-file
> >>>>>>>>>>>    args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
> >>>>>>>>>>> and commented out default
lines
> >>>>>>>>>>>   #args =
/etc/dovecot/dovecot-sql.conf
> >>>>>>>>>>>   #driver = sql
> >>>>>>>>>>> When I try set again default
lines I got above error
> >>>>>>>>>> Can you run doveconf -n with the
configuration that causes the
> >> above
> >>>>>>>>>> error? Also it clearly does SQL
lookup, so that error is
> happening
> >>>>>> with
> >>>>>>>>>> SQL passdb. You need to remember
to restart dovecot between
> >>>>>>>>>> configuration changes.
> >>>>>>>>>>
> >>>>>>>>>> Aki
> >>>>>>>>>>
> >>>>>>>>>>> 2017-01-31 8:08 GMT+01:00 Aki
Tuomi <aki.tuomi at dovecot.fi>:
> >>>>>>>>>>>
> >>>>>>>>>>>> On 31.01.2017 09:06,
Poliman - Serwis wrote:
> >>>>>>>>>>>>> I set up cram-md5
using this tutorial
> >>>>>>>>>>>>>
https://wiki2.dovecot.org/HowTo/CRAM-MD5 in
> >>>>>>>> /etc/dovecot/dovecot.conf
> >>>>>>>>>> in
> >>>>>>>>>>>>> passdb code block:
> >>>>>>>>>>>>> listen = *,[::]
> >>>>>>>>>>>>> protocols = imap pop3
> >>>>>>>>>>>>> #auth_mechanisms =
plain login cram-md5
> >>>>>>>>>>>>> auth_mechanisms =
cram-md5 plain login
> >>>>>>>>>>>>> #dodana nizej linia
> >>>>>>>>>>>>> ssl = required
> >>>>>>>>>>>>> disable_plaintext_auth
= yes
> >>>>>>>>>>>>> log_timestamp =
"%Y-%m-%d %H:%M:%S "
> >>>>>>>>>>>>> mail_privileged_group
= vmail
> >>>>>>>>>>>>> postmaster_address =
postmaster at vps342401.ovh.net
> >>>>>>>>>>>>> ssl_cert =
</etc/postfix/smtpd.cert
> >>>>>>>>>>>>> ssl_key =
</etc/postfix/smtpd.key
> >>>>>>>>>>>>> ssl_protocols = !SSLv2
!SSLv3 !TLSv1 !TLSv1.1
> >>>>>>>>>>>>> ssl_cipher_list >
>>>>>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
> >>>>>>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384[
> >> image:
> >>>>>>>>>>>>>
:D]HE-RSA-AES128-GCM-SHA256[image: :D]HE-DSS-AES$
> >>>>>>>>>>>>>
ssl_prefer_server_ciphers = yes
> >>>>>>>>>>>>>
ssl_dh_parameters_length = 2048
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
mail_max_userip_connections = 100
> >>>>>>>>>>>>> passdb {
> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
> >>>>>>>>>>>>> # driver = sql
> >>>>>>>>>>>>> driver = passwd-file
> >>>>>>>>>>>>> args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
> >>>>>>>>>>>>> }
> >>>>>>>>>>>>> userdb {
> >>>>>>>>>>>>> driver = prefetch
> >>>>>>>>>>>>> }
> >>>>>>>>>>>>> userdb {
> >>>>>>>>>>>>> args =
/etc/dovecot/dovecot-sql.conf
> >>>>>>>>>>>>> driver = sql
> >>>>>>>>>>>>> }
> >>>>>>>>>>>>> Of course I created
cram-md5.pwd file. All mails go out and
> >> come
> >>>>>>>>>> nicely.
> >>>>>>>>>>>>> But after I want to do
default settings by commented out
> these
> >>>> two
> >>>>>>>>>> lines:
> >>>>>>>>>>>>> driver = passwd-file
> >>>>>>>>>>>>> args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
> >>>>>>>>>>>>> and uncomment
> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
> >>>>>>>>>>>>> # driver = sql
> >>>>>>>>>>>>> I can't send
emails - I use Thunderbird - get error "logging
> on
> >>>>>>>> server
> >>>>>>>>>>>>> mail.example.com not
work out". Error in logs:
> >>>>>>>>>>>>> dovecot:
auth-worker(22698): Error: Auth worker sees
> different
> >>>>>>>>>>>>> passdbs/userdbs than
auth server.
> >>>>>>>>>>>>> dovecot: auth: Error:
read(anvil-auth-penalty) failed: EOF
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Is it possible that
hashed password from cram-md5.pwd file
> was
> >>>>>>>> written
> >>>>>>>>>> to
> >>>>>>>>>>>>> database (if yes then
where - I have ISPconfig)? I wasn't
> >> change
> >>>>>> any
> >>>>>>>>>>>> userdb
> >>>>>>>>>>>>> {} block and this
second userdb block has this same lines
> like
> >>>>>>>> default
> >>>>>>>>>>>>> settings in passdb
block.
> >>>>>>>>>>>>>
> >>>>>>>>>>>> Try
> >>>>>>>>>>>>
> >>>>>>>>>>>> auth_debug=yes
> >>>>>>>>>>>> auth_verbose=yes
> >>>>>>>>>>>>
> >>>>>>>>>>>> and see if it gives any
more reasonable messages.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Aki
> >>>>>>>>>>>>
> >>>
> >
> >
>


-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*serwis at poliman.pl <serwis at poliman.pl>*

Poliman - Serwis

2017-Feb-02 06:30 UTC

head link

Dovecot auth-worker error after cram-md5 auth

I haven't doveadm logs in /var/log/. Are they default in another place or
maybe should I turn on something?
My config (default passdb block and auth_mechanisms, nothing more changed):
root at vps342401:/etc/dovecot# doveconf -n
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-100-generic x86_64 Ubuntu 14.04.5 LTS
auth_mechanisms = plain login
listen = *,[::]
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_max_userip_connections = 100
mail_plugins = " quota"
mail_privileged_group = vmail
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  quota = dict:user::file:/var/vmail/%d/%n/.quotausage
  sieve = /var/vmail/%d/%n/.sieve
  sieve_max_redirects = 25
}
postmaster_address = postmaster at vps342401.ovh.net
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
  user = root
}
service imap-login {
  client_limit = 1000
  process_limit = 512
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
ssl = required
ssl_cert = </etc/postfix/smtpd.cert
ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+
AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-
SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-
RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-
AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-
RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:
DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:
AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-
SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!
EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key = </etc/postfix/smtpd.key
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocol imap {
  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  mail_plugins = sieve quota
  postmaster_address = webmaster at localhost
}
protocol lmtp {
  mail_plugins = quota sieve
  postmaster_address = webmaster at localhost
}

2017-02-01 12:16 GMT+01:00 Poliman - Serwis <serwis at poliman.pl>:
> Is there any strange thing in these config lines?
>
> 2017-02-01 9:40 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>
>> doveadm log errors can be helpful too
>>
>>
>> On 01.02.2017 10:25, Poliman - Serwis wrote:
>> > I can check each logs, I have root privileges.
>> >
>> > 2017-02-01 9:04 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
>> >
>> >> Can you check your logs?
>> >>
>> >> Aki
>> >>
>> >>
>> >> On 01.02.2017 10:02, Poliman - Serwis wrote:
>> >>> When I used backup copy of the dovecot.conf file I have
this same
>> error.
>> >> So
>> >>> I think that maybe something was written to database? I
really would
>> >> point
>> >>> out that I only added
>> >>> passdb {
>> >>>   driver = passwd-file
>> >>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> >>> }
>> >>>
>> >>> and comment out from above block default lines
>> >>>   #args = /etc/dovecot/dovecot-sql.conf
>> >>>   #driver = sql
>> >>>
>> >>> And in auth_mechanisms add line cram-md5. Nothing more in
any other
>> file.
>> >>>
>> >>> I don't want to use cram-md5. I need move back to
default settings.
>> >>> Cram-md5 was only for testing purposes. :) But I supposed
that I can
>> move
>> >>> back to default by commenting out added lines. But
unfortunately it
>> isn't
>> >>> that simple.
>> >>>
>> >>> 2017-02-01 8:59 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
>> >>>
>> >>>> Are you still trying to authenticate using cram-md5?
>> >>>>
>> >>>> Aki
>> >>>>
>> >>>>
>> >>>> On 01.02.2017 09:51, Poliman - Serwis wrote:
>> >>>>> It still use:
>> >>>>> passdb {
>> >>>>>   driver = passwd-file
>> >>>>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> >>>>> }
>> >>>>>
>> >>>>> When I delete above and delete
"cram-md5" in auth_mechanisms it
>> still
>> >> not
>> >>>>> working.
>> >>>>>
>> >>>>> 2017-02-01 8:45 GMT+01:00 Aki Tuomi <aki.tuomi
at dovecot.fi>:
>> >>>>>
>> >>>>>> You are probably wanting to do
>> >>>>>> passdb {
>> >>>>>>   driver = passwd-file
>> >>>>>>   args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>> >>>>>> }
>> >>>>>>
>> >>>>>> passdb {
>> >>>>>>   driver = sql
>> >>>>>>   args = /etc/dovecot/dovecot-sql.conf
>> >>>>>> }
>> >>>>>>
>> >>>>>> Why you want to use cram-md5 is beyond me,
because using SSL is
>> much
>> >>>>>> more safer.
>> >>>>>>
>> >>>>>> Aki
>> >>>>>>
>> >>>>>> On 01.02.2017 09:41, Poliman - Serwis wrote:
>> >>>>>>> Default it was: "auth_mechanisms =
plain login"  and I added
>> >> cram-md5.
>> >>>>>>> After restart all work perfectly. But
after I added:
>> >>>>>>>    driver = passwd-file
>> >>>>>>>    args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>> >>>>>>> I can't set default lines because I
got error. Please tell me
>> which
>> >>>> lines
>> >>>>>>> should be changed to resolve this issue.
Should I remove "login"
>> from
>> >>>>>>> auth_mechanism ("login" was
default setting and I would like to
>> move
>> >>>> back
>> >>>>>>> to default settings)?
>> >>>>>>>
>> >>>>>>> 2017-02-01 8:36 GMT+01:00 Aki Tuomi
<aki.tuomi at dovecot.fi>:
>> >>>>>>>
>> >>>>>>>> Because cram-md5 needs the user's
password for calculating
>> >> responses,
>> >>>> it
>> >>>>>>>> cannot work with hashed passwords
(one-way encrypted). The only
>> >>>>>>>> supported password schemes are PLAIN
and CRAM-MD5.
>> >>>>>>>>
>> >>>>>>>> Aki
>> >>>>>>>>
>> >>>>>>>> On 01.02.2017 09:33, Poliman - Serwis
wrote:
>> >>>>>>>>> I always restart dovecot after
change config. ;) Sure, I
>> commented
>> >>>> out
>> >>>>>>>>> added two lines by me, restarted
dovecot and here it is:
>> >>>>>>>>>
>> >>>>>>>>> # 2.2.9: /etc/dovecot/dovecot.conf
>> >>>>>>>>> # OS: Linux 3.13.0-100-generic
x86_64 Ubuntu 14.04.5 LTS
>> >>>>>>>>> auth_mechanisms = plain login
cram-md5
>> >>>>>>>>> listen = *,[::]
>> >>>>>>>>> log_timestamp = "%Y-%m-%d
%H:%M:%S "
>> >>>>>>>>> mail_max_userip_connections = 100
>> >>>>>>>>> mail_plugins = " quota"
>> >>>>>>>>> mail_privileged_group = vmail
>> >>>>>>>>> passdb {
>> >>>>>>>>>   args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>   driver = sql
>> >>>>>>>>> }
>> >>>>>>>>> plugin {
>> >>>>>>>>>   quota =
dict:user::file:/var/vmail/%d/%n/.quotausage
>> >>>>>>>>>   sieve = /var/vmail/%d/%n/.sieve
>> >>>>>>>>>   sieve_max_redirects = 25
>> >>>>>>>>> }
>> >>>>>>>>> postmaster_address = postmaster at
example.com
>> >>>>>>>>> protocols = imap pop3
>> >>>>>>>>> service auth {
>> >>>>>>>>>   unix_listener
/var/spool/postfix/private/auth {
>> >>>>>>>>>     group = postfix
>> >>>>>>>>>     mode = 0660
>> >>>>>>>>>     user = postfix
>> >>>>>>>>>   }
>> >>>>>>>>>   unix_listener auth-userdb {
>> >>>>>>>>>     group = vmail
>> >>>>>>>>>     mode = 0600
>> >>>>>>>>>     user = vmail
>> >>>>>>>>>   }
>> >>>>>>>>>   user = root
>> >>>>>>>>> }
>> >>>>>>>>> service imap-login {
>> >>>>>>>>>   client_limit = 1000
>> >>>>>>>>>   process_limit = 512
>> >>>>>>>>> }
>> >>>>>>>>> service lmtp {
>> >>>>>>>>>   unix_listener
/var/spool/postfix/private/dovecot-lmtp {
>> >>>>>>>>>     group = postfix
>> >>>>>>>>>     mode = 0600
>> >>>>>>>>>     user = postfix
>> >>>>>>>>>   }
>> >>>>>>>>> }
>> >>>>>>>>> ssl = required
>> >>>>>>>>> ssl_cert =
</etc/postfix/smtpd.cert
>> >>>>>>>>> ssl_cipher_list >>
>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>> >>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
>> >>>>>>>>
DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+
>> >>>>>>>>
AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-
>> >>>>>>>>
SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-
>> >>>>>>>>
RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-
>> >>>>>>>>
AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-
>> >>>>>>>>
RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:
>> >>>>>>>>
DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:
>> >>>>>>>>
AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-
>> >>>>>>>>
SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
>> >>>>>>>>
EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!
>> >>>>>>>>
EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>> >>>>>>>>> ssl_dh_parameters_length = 2048
>> >>>>>>>>> ssl_key =
</etc/postfix/smtpd.key
>> >>>>>>>>> ssl_prefer_server_ciphers = yes
>> >>>>>>>>> ssl_protocols = !SSLv2 !SSLv3
!TLSv1 !TLSv1.1
>> >>>>>>>>> userdb {
>> >>>>>>>>>   driver = prefetch
>> >>>>>>>>> }
>> >>>>>>>>> userdb {
>> >>>>>>>>>   args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>   driver = sql
>> >>>>>>>>> }
>> >>>>>>>>> protocol imap {
>> >>>>>>>>>   mail_plugins = quota imap_quota
>> >>>>>>>>> }
>> >>>>>>>>> protocol pop3 {
>> >>>>>>>>>   mail_plugins = quota
>> >>>>>>>>>   pop3_uidl_format = %08Xu%08Xv
>> >>>>>>>>> }
>> >>>>>>>>> protocol lda {
>> >>>>>>>>>   mail_plugins = sieve quota
>> >>>>>>>>>   postmaster_address = webmaster
at localhost
>> >>>>>>>>> }
>> >>>>>>>>> protocol lmtp {
>> >>>>>>>>>   mail_plugins = quota sieve
>> >>>>>>>>>   postmaster_address = webmaster
at localhost
>> >>>>>>>>> }
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>> 2017-02-01 8:27 GMT+01:00 Aki
Tuomi <aki.tuomi at dovecot.fi>:
>> >>>>>>>>>
>> >>>>>>>>>> On 01.02.2017 08:18, Poliman -
Serwis wrote:
>> >>>>>>>>>>> This is debug log files in
syslog:
>> >>>>>>>>>>> Feb  1 07:10:25 vps342401
dovecot: auth: Debug: client passdb
>> >> out:
>> >>>>>>>>>>>
CONT#0112#011PDAxODg3ODIzMTUwMzgxNzMuMTQ
>> >>>>>> 4NTkyOTQyNUB2cHMzNDI0MDEub3ZoL
>> >>>>>>>>>> m5ldD4>>
>>>>>>>>>>> Feb  1 07:10:26 vps342401 dovecot:
auth: Debug: client in:
>> >>>>>> CONT<hidden>
>> >>>>>>>>>>> Feb  1 07:10:26 vps342401
dovecot: auth-worker(27069): Debug:
>> >> sql(
>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT email
>> as
>> >>>>>> user,
>> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format, ':',
>> >>>>>> maildir,
>> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format))
>> as
>> >>>>>>>>>> userdb_mail,
>> >>>>>>>>>>> uid as userdb_uid, gid as
userdb_gid, CONCAT('*:storage=',
>> quota,
>> >>>>>> 'B')
>> >>>>>>>> AS
>> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
>> >> FROM
>> >>>>>>>>>>> mail_user WHERE (login =
'do_not_reply at example.com' OR email
>> = '
>> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
>> >> server_id >> >>>>>> '1'
>> >>>>>>>>>>> Feb  1 07:10:26 vps342401
dovecot: auth-worker(27069):
>> password(
>> >>>>>>>>>>> do_not_reply at
example.com, 12.173.211.32): Requested CRAM-MD5
>> >>>> scheme,
>> >>>>>>>>>> but we
>> >>>>>>>>>>> have only CRYPT
>> >>>>>>>>>>> Feb  1 07:10:28 vps342401
dovecot: auth: Debug: client passdb
>> >> out:
>> >>>>>>>>>>>
FAIL#0112#011user=do_not_reply at example.com
>> >>>>>>>>>>> Feb  1 07:10:28 vps342401
postfix/smtps/smtpd[27067]: warning:
>> >>>>>>>>>>>
host23131.internet.3s.com[12.173.211.32]: SASL CRAM-MD5
>> >>>>>> authentication
>> >>>>>>>>>>> failed:
PDAxODg3ODIzMTUwMzgxNzMuMTQ4NT
>> >>>> kyOTQyNUB2cHMzNDI0MDEub3ZoLm5l
>> >>>>>>>> dD4>>
>>>>>>>>>>> Feb  1 07:11:02 vps342401
CRON[27074]: (root) CMD
>> >>>>>>>>>>>
(/usr/local/ispconfig/server/server.sh 2>&1 | while read
>> line;
>> >> do
>> >>>>>> echo
>> >>>>>>>>>>> `/bin/date`
"$line" >> /var/log/ispconfig/cron.log; done)
>> >>>>>>>>>>> Feb  1 07:11:02 vps342401
CRON[27075]: (root) CMD
>> >>>>>>>>>>>
(/usr/local/ispconfig/server/cron.sh 2>&1 | while read line;
>> do
>> >>>> echo
>> >>>>>>>>>>> `/bin/date`
"$line" >> /var/log/ispconfig/cron.log; done)
>> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth: Debug: client in:
>> >>>>>>>>>>>
AUTH#0113#011CRAM-MD5#011service=smtp#011nologin#
>> >>>>>>>>>>
011lip=173.72.31.7#011rip=12.173.211.32#011secured
>> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth: Debug: client passdb
>> >> out:
>> >>>>>>>>>>>
CONT#0113#011PDE3NDg1NjE4MTgxNTk2OTAuMTQ
>> >>>>>> 4NTkyOTQ3MUB2cHMzNDI0MDEub3ZoL
>> >>>>>>>>>> m5ldD4>>
>>>>>>>>>>> Feb  1 07:11:11 vps342401 dovecot:
auth: Debug: client in:
>> >>>>>> CONT<hidden>
>> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth-worker(27069): Debug:
>> >> sql(
>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT email
>> as
>> >>>>>> user,
>> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format, ':',
>> >>>>>> maildir,
>> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format))
>> as
>> >>>>>>>>>> userdb_mail,
>> >>>>>>>>>>> uid as userdb_uid, gid as
userdb_gid, CONCAT('*:storage=',
>> quota,
>> >>>>>> 'B')
>> >>>>>>>> AS
>> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
>> >> FROM
>> >>>>>>>>>>> mail_user WHERE (login =
'do_not_reply at example.com' OR email
>> = '
>> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
>> >> server_id >> >>>>>> '1'
>> >>>>>>>>>>> Feb  1 07:11:11 vps342401
dovecot: auth-worker(27069):
>> password(
>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): Requested CRAM-MD5
>> >>>> scheme,
>> >>>>>>>> but
>> >>>>>>>>>> we
>> >>>>>>>>>>> have only CRYPT
>> >>>>>>>>>>> Feb  1 07:11:13 vps342401
dovecot: auth: Debug: client passdb
>> >> out:
>> >>>>>>>>>>>
FAIL#0113#011user=do_not_reply at example.com
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>> #####################
>> >>>>>>>>>>> I added in dovecot.conf
lines in passdb block:
>> >>>>>>>>>>>    driver = passwd-file
>> >>>>>>>>>>>    args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>> >>>>>>>>>>> and commented out default
lines
>> >>>>>>>>>>>   #args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>>>   #driver = sql
>> >>>>>>>>>>> When I try set again
default lines I got above error
>> >>>>>>>>>> Can you run doveconf -n with
the configuration that causes the
>> >> above
>> >>>>>>>>>> error? Also it clearly does
SQL lookup, so that error is
>> happening
>> >>>>>> with
>> >>>>>>>>>> SQL passdb. You need to
remember to restart dovecot between
>> >>>>>>>>>> configuration changes.
>> >>>>>>>>>>
>> >>>>>>>>>> Aki
>> >>>>>>>>>>
>> >>>>>>>>>>> 2017-01-31 8:08 GMT+01:00
Aki Tuomi <aki.tuomi at dovecot.fi>:
>> >>>>>>>>>>>
>> >>>>>>>>>>>> On 31.01.2017 09:06,
Poliman - Serwis wrote:
>> >>>>>>>>>>>>> I set up cram-md5
using this tutorial
>> >>>>>>>>>>>>>
https://wiki2.dovecot.org/HowTo/CRAM-MD5 in
>> >>>>>>>> /etc/dovecot/dovecot.conf
>> >>>>>>>>>> in
>> >>>>>>>>>>>>> passdb code block:
>> >>>>>>>>>>>>> listen = *,[::]
>> >>>>>>>>>>>>> protocols = imap
pop3
>> >>>>>>>>>>>>> #auth_mechanisms =
plain login cram-md5
>> >>>>>>>>>>>>> auth_mechanisms =
cram-md5 plain login
>> >>>>>>>>>>>>> #dodana nizej
linia
>> >>>>>>>>>>>>> ssl = required
>> >>>>>>>>>>>>>
disable_plaintext_auth = yes
>> >>>>>>>>>>>>> log_timestamp =
"%Y-%m-%d %H:%M:%S "
>> >>>>>>>>>>>>>
mail_privileged_group = vmail
>> >>>>>>>>>>>>> postmaster_address
= postmaster at vps342401.ovh.net
>> >>>>>>>>>>>>> ssl_cert =
</etc/postfix/smtpd.cert
>> >>>>>>>>>>>>> ssl_key =
</etc/postfix/smtpd.key
>> >>>>>>>>>>>>> ssl_protocols =
!SSLv2 !SSLv3 !TLSv1 !TLSv1.1
>> >>>>>>>>>>>>> ssl_cipher_list
>> >>>>>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>> >>>>>>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384[
>> >> image:
>> >>>>>>>>>>>>>
:D]HE-RSA-AES128-GCM-SHA256[image: :D]HE-DSS-AES$
>> >>>>>>>>>>>>>
ssl_prefer_server_ciphers = yes
>> >>>>>>>>>>>>>
ssl_dh_parameters_length = 2048
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
mail_max_userip_connections = 100
>> >>>>>>>>>>>>> passdb {
>> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>>>>> # driver = sql
>> >>>>>>>>>>>>> driver =
passwd-file
>> >>>>>>>>>>>>> args =
scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> >>>>>>>>>>>>> }
>> >>>>>>>>>>>>> userdb {
>> >>>>>>>>>>>>> driver = prefetch
>> >>>>>>>>>>>>> }
>> >>>>>>>>>>>>> userdb {
>> >>>>>>>>>>>>> args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>>>>> driver = sql
>> >>>>>>>>>>>>> }
>> >>>>>>>>>>>>> Of course I
created cram-md5.pwd file. All mails go out and
>> >> come
>> >>>>>>>>>> nicely.
>> >>>>>>>>>>>>> But after I want
to do default settings by commented out
>> these
>> >>>> two
>> >>>>>>>>>> lines:
>> >>>>>>>>>>>>> driver =
passwd-file
>> >>>>>>>>>>>>> args =
scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> >>>>>>>>>>>>> and uncomment
>> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
>> >>>>>>>>>>>>> # driver = sql
>> >>>>>>>>>>>>> I can't send
emails - I use Thunderbird - get error
>> "logging on
>> >>>>>>>> server
>> >>>>>>>>>>>>> mail.example.com
not work out". Error in logs:
>> >>>>>>>>>>>>> dovecot:
auth-worker(22698): Error: Auth worker sees
>> different
>> >>>>>>>>>>>>> passdbs/userdbs
than auth server.
>> >>>>>>>>>>>>> dovecot: auth:
Error: read(anvil-auth-penalty) failed: EOF
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Is it possible
that hashed password from cram-md5.pwd file
>> was
>> >>>>>>>> written
>> >>>>>>>>>> to
>> >>>>>>>>>>>>> database (if yes
then where - I have ISPconfig)? I wasn't
>> >> change
>> >>>>>> any
>> >>>>>>>>>>>> userdb
>> >>>>>>>>>>>>> {} block and this
second userdb block has this same lines
>> like
>> >>>>>>>> default
>> >>>>>>>>>>>>> settings in passdb
block.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>> Try
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> auth_debug=yes
>> >>>>>>>>>>>> auth_verbose=yes
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> and see if it gives
any more reasonable messages.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Aki
>> >>>>>>>>>>>>
>> >>>
>> >
>> >
>>
>
>
>
> --
>
> *Pozdrawiam / Best Regards*
> *Piotr Bracha*
>
>
>
>
> *tel. 534 555 877*
>
> *serwis at poliman.pl <serwis at poliman.pl>*
>


-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*serwis at poliman.pl <serwis at poliman.pl>*

Poliman - Serwis

2017-Feb-02 06:30 UTC

head link

Dovecot auth-worker error after cram-md5 auth

And my logs:
Error from mail.err:
Feb  1 09:50:01 vps342401 postfix/smtpd[699]: fatal: no SASL authentication
mechanisms
Feb  1 09:51:02 vps342401 postfix/smtpd[724]: fatal: no SASL authentication
mechanisms
Feb  1 09:51:02 vps342401 postfix/smtpd[725]: fatal: no SASL authentication
mechanisms
Feb  1 09:52:21 vps342401 postfix/smtps/smtpd[773]: fatal: no SASL
authentication mechanisms

Error from syslog:
Feb  1 09:52:21 vps342401 postfix/smtps/smtpd[773]: connect from
host9323131.internet.3s.com[12.34.45.56]
Feb  1 09:52:21 vps342401 postfix/smtps/smtpd[773]: fatal: no SASL
authentication mechanisms
Feb  1 09:52:22 vps342401 postfix/master[29133]: warning: process
/usr/lib/postfix/smtpd pid 773 exit status 1
Feb  1 09:52:22 vps342401 postfix/master[29133]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
Feb  1 09:53:01 vps342401 CRON[777]: (root) CMD
(/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo
`/bin/date` "$line" >> /var/log/ispconfig/cron.log; do  ne)
Feb  1 09:53:01 vps342401 CRON[778]: (root) CMD
(/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo
`/bin/date` "$line" >> /var/log/ispconfig/cron.log; done  )

Is there any strange thing in these config lines?

2017-02-02 7:30 GMT+01:00 Poliman - Serwis <serwis at poliman.pl>:
> I haven't doveadm logs in /var/log/. Are they default in another place
or
> maybe should I turn on something?
> My config (default passdb block and auth_mechanisms, nothing more changed):
> root at vps342401:/etc/dovecot# doveconf -n
> # 2.2.9: /etc/dovecot/dovecot.conf
> # OS: Linux 3.13.0-100-generic x86_64 Ubuntu 14.04.5 LTS
> auth_mechanisms = plain login
> listen = *,[::]
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> mail_max_userip_connections = 100
> mail_plugins = " quota"
> mail_privileged_group = vmail
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf
>   driver = sql
> }
> plugin {
>   quota = dict:user::file:/var/vmail/%d/%n/.quotausage
>   sieve = /var/vmail/%d/%n/.sieve
>   sieve_max_redirects = 25
> }
> postmaster_address = postmaster at vps342401.ovh.net
> protocols = imap pop3
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
>   unix_listener auth-userdb {
>     group = vmail
>     mode = 0600
>     user = vmail
>   }
>   user = root
> }
> service imap-login {
>   client_limit = 1000
>   process_limit = 512
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> ssl = required
> ssl_cert = </etc/postfix/smtpd.cert
> ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:EC
> DHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDH
> E-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-
> AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-
> ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-
> SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:
> ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-
> AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-
> RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:
> AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-
> SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!
> aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-
> DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
> ssl_dh_parameters_length = 2048
> ssl_key = </etc/postfix/smtpd.key
> ssl_prefer_server_ciphers = yes
> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
> userdb {
>   driver = prefetch
> }
> userdb {
>   args = /etc/dovecot/dovecot-sql.conf
>   driver = sql
> }
> protocol imap {
>   mail_plugins = quota imap_quota
> }
> protocol pop3 {
>   mail_plugins = quota
>   pop3_uidl_format = %08Xu%08Xv
> }
> protocol lda {
>   mail_plugins = sieve quota
>   postmaster_address = webmaster at localhost
> }
> protocol lmtp {
>   mail_plugins = quota sieve
>   postmaster_address = webmaster at localhost
> }
>
> 2017-02-01 12:16 GMT+01:00 Poliman - Serwis <serwis at poliman.pl>:
>
>> Is there any strange thing in these config lines?
>>
>> 2017-02-01 9:40 GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>
>>> doveadm log errors can be helpful too
>>>
>>>
>>> On 01.02.2017 10:25, Poliman - Serwis wrote:
>>> > I can check each logs, I have root privileges.
>>> >
>>> > 2017-02-01 9:04 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
>>> >
>>> >> Can you check your logs?
>>> >>
>>> >> Aki
>>> >>
>>> >>
>>> >> On 01.02.2017 10:02, Poliman - Serwis wrote:
>>> >>> When I used backup copy of the dovecot.conf file I
have this same
>>> error.
>>> >> So
>>> >>> I think that maybe something was written to database?
I really would
>>> >> point
>>> >>> out that I only added
>>> >>> passdb {
>>> >>>   driver = passwd-file
>>> >>>   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>> >>> }
>>> >>>
>>> >>> and comment out from above block default lines
>>> >>>   #args = /etc/dovecot/dovecot-sql.conf
>>> >>>   #driver = sql
>>> >>>
>>> >>> And in auth_mechanisms add line cram-md5. Nothing more
in any other
>>> file.
>>> >>>
>>> >>> I don't want to use cram-md5. I need move back to
default settings.
>>> >>> Cram-md5 was only for testing purposes. :) But I
supposed that I can
>>> move
>>> >>> back to default by commenting out added lines. But
unfortunately it
>>> isn't
>>> >>> that simple.
>>> >>>
>>> >>> 2017-02-01 8:59 GMT+01:00 Aki Tuomi <aki.tuomi at
dovecot.fi>:
>>> >>>
>>> >>>> Are you still trying to authenticate using
cram-md5?
>>> >>>>
>>> >>>> Aki
>>> >>>>
>>> >>>>
>>> >>>> On 01.02.2017 09:51, Poliman - Serwis wrote:
>>> >>>>> It still use:
>>> >>>>> passdb {
>>> >>>>>   driver = passwd-file
>>> >>>>>   args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>>> >>>>> }
>>> >>>>>
>>> >>>>> When I delete above and delete
"cram-md5" in auth_mechanisms it
>>> still
>>> >> not
>>> >>>>> working.
>>> >>>>>
>>> >>>>> 2017-02-01 8:45 GMT+01:00 Aki Tuomi
<aki.tuomi at dovecot.fi>:
>>> >>>>>
>>> >>>>>> You are probably wanting to do
>>> >>>>>> passdb {
>>> >>>>>>   driver = passwd-file
>>> >>>>>>   args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>>> >>>>>> }
>>> >>>>>>
>>> >>>>>> passdb {
>>> >>>>>>   driver = sql
>>> >>>>>>   args = /etc/dovecot/dovecot-sql.conf
>>> >>>>>> }
>>> >>>>>>
>>> >>>>>> Why you want to use cram-md5 is beyond me,
because using SSL is
>>> much
>>> >>>>>> more safer.
>>> >>>>>>
>>> >>>>>> Aki
>>> >>>>>>
>>> >>>>>> On 01.02.2017 09:41, Poliman - Serwis
wrote:
>>> >>>>>>> Default it was: "auth_mechanisms
= plain login"  and I added
>>> >> cram-md5.
>>> >>>>>>> After restart all work perfectly. But
after I added:
>>> >>>>>>>    driver = passwd-file
>>> >>>>>>>    args = scheme=cram-md5
/etc/dovecot/cram-md5.pwd
>>> >>>>>>> I can't set default lines because
I got error. Please tell me
>>> which
>>> >>>> lines
>>> >>>>>>> should be changed to resolve this
issue. Should I remove "login"
>>> from
>>> >>>>>>> auth_mechanism ("login" was
default setting and I would like to
>>> move
>>> >>>> back
>>> >>>>>>> to default settings)?
>>> >>>>>>>
>>> >>>>>>> 2017-02-01 8:36 GMT+01:00 Aki Tuomi
<aki.tuomi at dovecot.fi>:
>>> >>>>>>>
>>> >>>>>>>> Because cram-md5 needs the
user's password for calculating
>>> >> responses,
>>> >>>> it
>>> >>>>>>>> cannot work with hashed passwords
(one-way encrypted). The only
>>> >>>>>>>> supported password schemes are
PLAIN and CRAM-MD5.
>>> >>>>>>>>
>>> >>>>>>>> Aki
>>> >>>>>>>>
>>> >>>>>>>> On 01.02.2017 09:33, Poliman -
Serwis wrote:
>>> >>>>>>>>> I always restart dovecot after
change config. ;) Sure, I
>>> commented
>>> >>>> out
>>> >>>>>>>>> added two lines by me,
restarted dovecot and here it is:
>>> >>>>>>>>>
>>> >>>>>>>>> # 2.2.9:
/etc/dovecot/dovecot.conf
>>> >>>>>>>>> # OS: Linux 3.13.0-100-generic
x86_64 Ubuntu 14.04.5 LTS
>>> >>>>>>>>> auth_mechanisms = plain login
cram-md5
>>> >>>>>>>>> listen = *,[::]
>>> >>>>>>>>> log_timestamp = "%Y-%m-%d
%H:%M:%S "
>>> >>>>>>>>> mail_max_userip_connections =
100
>>> >>>>>>>>> mail_plugins = "
quota"
>>> >>>>>>>>> mail_privileged_group = vmail
>>> >>>>>>>>> passdb {
>>> >>>>>>>>>   args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>   driver = sql
>>> >>>>>>>>> }
>>> >>>>>>>>> plugin {
>>> >>>>>>>>>   quota =
dict:user::file:/var/vmail/%d/%n/.quotausage
>>> >>>>>>>>>   sieve =
/var/vmail/%d/%n/.sieve
>>> >>>>>>>>>   sieve_max_redirects = 25
>>> >>>>>>>>> }
>>> >>>>>>>>> postmaster_address =
postmaster at example.com
>>> >>>>>>>>> protocols = imap pop3
>>> >>>>>>>>> service auth {
>>> >>>>>>>>>   unix_listener
/var/spool/postfix/private/auth {
>>> >>>>>>>>>     group = postfix
>>> >>>>>>>>>     mode = 0660
>>> >>>>>>>>>     user = postfix
>>> >>>>>>>>>   }
>>> >>>>>>>>>   unix_listener auth-userdb {
>>> >>>>>>>>>     group = vmail
>>> >>>>>>>>>     mode = 0600
>>> >>>>>>>>>     user = vmail
>>> >>>>>>>>>   }
>>> >>>>>>>>>   user = root
>>> >>>>>>>>> }
>>> >>>>>>>>> service imap-login {
>>> >>>>>>>>>   client_limit = 1000
>>> >>>>>>>>>   process_limit = 512
>>> >>>>>>>>> }
>>> >>>>>>>>> service lmtp {
>>> >>>>>>>>>   unix_listener
/var/spool/postfix/private/dovecot-lmtp {
>>> >>>>>>>>>     group = postfix
>>> >>>>>>>>>     mode = 0600
>>> >>>>>>>>>     user = postfix
>>> >>>>>>>>>   }
>>> >>>>>>>>> }
>>> >>>>>>>>> ssl = required
>>> >>>>>>>>> ssl_cert =
</etc/postfix/smtpd.cert
>>> >>>>>>>>> ssl_cipher_list >>>
>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>>> >>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
>>> >>>>>>>>
DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+
>>> >>>>>>>>
AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-
>>> >>>>>>>>
SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-
>>> >>>>>>>>
RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-
>>> >>>>>>>>
AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-
>>> >>>>>>>>
RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:
>>> >>>>>>>>
DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:
>>> >>>>>>>>
AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-
>>> >>>>>>>>
SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
>>> >>>>>>>>
EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!
>>> >>>>>>>>
EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
>>> >>>>>>>>> ssl_dh_parameters_length =
2048
>>> >>>>>>>>> ssl_key =
</etc/postfix/smtpd.key
>>> >>>>>>>>> ssl_prefer_server_ciphers =
yes
>>> >>>>>>>>> ssl_protocols = !SSLv2 !SSLv3
!TLSv1 !TLSv1.1
>>> >>>>>>>>> userdb {
>>> >>>>>>>>>   driver = prefetch
>>> >>>>>>>>> }
>>> >>>>>>>>> userdb {
>>> >>>>>>>>>   args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>   driver = sql
>>> >>>>>>>>> }
>>> >>>>>>>>> protocol imap {
>>> >>>>>>>>>   mail_plugins = quota
imap_quota
>>> >>>>>>>>> }
>>> >>>>>>>>> protocol pop3 {
>>> >>>>>>>>>   mail_plugins = quota
>>> >>>>>>>>>   pop3_uidl_format =
%08Xu%08Xv
>>> >>>>>>>>> }
>>> >>>>>>>>> protocol lda {
>>> >>>>>>>>>   mail_plugins = sieve quota
>>> >>>>>>>>>   postmaster_address =
webmaster at localhost
>>> >>>>>>>>> }
>>> >>>>>>>>> protocol lmtp {
>>> >>>>>>>>>   mail_plugins = quota sieve
>>> >>>>>>>>>   postmaster_address =
webmaster at localhost
>>> >>>>>>>>> }
>>> >>>>>>>>>
>>> >>>>>>>>>
>>> >>>>>>>>> 2017-02-01 8:27 GMT+01:00 Aki
Tuomi <aki.tuomi at dovecot.fi>:
>>> >>>>>>>>>
>>> >>>>>>>>>> On 01.02.2017 08:18,
Poliman - Serwis wrote:
>>> >>>>>>>>>>> This is debug log
files in syslog:
>>> >>>>>>>>>>> Feb  1 07:10:25
vps342401 dovecot: auth: Debug: client passdb
>>> >> out:
>>> >>>>>>>>>>>
CONT#0112#011PDAxODg3ODIzMTUwMzgxNzMuMTQ
>>> >>>>>> 4NTkyOTQyNUB2cHMzNDI0MDEub3ZoL
>>> >>>>>>>>>> m5ldD4>>>
>>>>>>>>>>> Feb  1 07:10:26 vps342401 dovecot:
auth: Debug: client in:
>>> >>>>>> CONT<hidden>
>>> >>>>>>>>>>> Feb  1 07:10:26
vps342401 dovecot: auth-worker(27069): Debug:
>>> >> sql(
>>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT
>>> email as
>>> >>>>>> user,
>>> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format,
>>> ':',
>>> >>>>>> maildir,
>>> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format))
>>> as
>>> >>>>>>>>>> userdb_mail,
>>> >>>>>>>>>>> uid as userdb_uid, gid
as userdb_gid, CONCAT('*:storage=',
>>> quota,
>>> >>>>>> 'B')
>>> >>>>>>>> AS
>>> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
>>> >> FROM
>>> >>>>>>>>>>> mail_user WHERE (login
= 'do_not_reply at example.com' OR
>>> email = '
>>> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
>>> >> server_id >>> >>>>>>
'1'
>>> >>>>>>>>>>> Feb  1 07:10:26
vps342401 dovecot: auth-worker(27069):
>>> password(
>>> >>>>>>>>>>> do_not_reply at
example.com, 12.173.211.32): Requested CRAM-MD5
>>> >>>> scheme,
>>> >>>>>>>>>> but we
>>> >>>>>>>>>>> have only CRYPT
>>> >>>>>>>>>>> Feb  1 07:10:28
vps342401 dovecot: auth: Debug: client passdb
>>> >> out:
>>> >>>>>>>>>>>
FAIL#0112#011user=do_not_reply at example.com
>>> >>>>>>>>>>> Feb  1 07:10:28
vps342401 postfix/smtps/smtpd[27067]:
>>> warning:
>>> >>>>>>>>>>>
host23131.internet.3s.com[12.173.211.32]: SASL CRAM-MD5
>>> >>>>>> authentication
>>> >>>>>>>>>>> failed:
PDAxODg3ODIzMTUwMzgxNzMuMTQ4NT
>>> >>>> kyOTQyNUB2cHMzNDI0MDEub3ZoLm5l
>>> >>>>>>>> dD4>>>
>>>>>>>>>>> Feb  1 07:11:02 vps342401
CRON[27074]: (root) CMD
>>> >>>>>>>>>>>
(/usr/local/ispconfig/server/server.sh 2>&1 | while read
>>> line;
>>> >> do
>>> >>>>>> echo
>>> >>>>>>>>>>> `/bin/date`
"$line" >> /var/log/ispconfig/cron.log; done)
>>> >>>>>>>>>>> Feb  1 07:11:02
vps342401 CRON[27075]: (root) CMD
>>> >>>>>>>>>>>
(/usr/local/ispconfig/server/cron.sh 2>&1 | while read
>>> line; do
>>> >>>> echo
>>> >>>>>>>>>>> `/bin/date`
"$line" >> /var/log/ispconfig/cron.log; done)
>>> >>>>>>>>>>> Feb  1 07:11:11
vps342401 dovecot: auth: Debug: client in:
>>> >>>>>>>>>>>
AUTH#0113#011CRAM-MD5#011service=smtp#011nologin#
>>> >>>>>>>>>>
011lip=173.72.31.7#011rip=12.173.211.32#011secured
>>> >>>>>>>>>>> Feb  1 07:11:11
vps342401 dovecot: auth: Debug: client passdb
>>> >> out:
>>> >>>>>>>>>>>
CONT#0113#011PDE3NDg1NjE4MTgxNTk2OTAuMTQ
>>> >>>>>> 4NTkyOTQ3MUB2cHMzNDI0MDEub3ZoL
>>> >>>>>>>>>> m5ldD4>>>
>>>>>>>>>>> Feb  1 07:11:11 vps342401 dovecot:
auth: Debug: client in:
>>> >>>>>> CONT<hidden>
>>> >>>>>>>>>>> Feb  1 07:11:11
vps342401 dovecot: auth-worker(27069): Debug:
>>> >> sql(
>>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): query: SELECT
>>> email as
>>> >>>>>> user,
>>> >>>>>>>>>>> password, maildir as
userdb_home, CONCAT( maildir_format,
>>> ':',
>>> >>>>>> maildir,
>>> >>>>>>>>>>> '/',
IF(maildir_format='maildir','Maildir',maildir_format))
>>> as
>>> >>>>>>>>>> userdb_mail,
>>> >>>>>>>>>>> uid as userdb_uid, gid
as userdb_gid, CONCAT('*:storage=',
>>> quota,
>>> >>>>>> 'B')
>>> >>>>>>>> AS
>>> >>>>>>>>>>> userdb_quota_rule,
CONCAT(maildir, '/.sieve') as userdb_sieve
>>> >> FROM
>>> >>>>>>>>>>> mail_user WHERE (login
= 'do_not_reply at example.com' OR
>>> email = '
>>> >>>>>>>>>>> do_not_reply at
example.com') AND `disablesmtp` = 'n' AND
>>> >> server_id >>> >>>>>>
'1'
>>> >>>>>>>>>>> Feb  1 07:11:11
vps342401 dovecot: auth-worker(27069):
>>> password(
>>> >>>>>>>>>>> do_not_reply at
example.com,12.173.211.32): Requested CRAM-MD5
>>> >>>> scheme,
>>> >>>>>>>> but
>>> >>>>>>>>>> we
>>> >>>>>>>>>>> have only CRYPT
>>> >>>>>>>>>>> Feb  1 07:11:13
vps342401 dovecot: auth: Debug: client passdb
>>> >> out:
>>> >>>>>>>>>>>
FAIL#0113#011user=do_not_reply at example.com
>>> >>>>>>>>>>>
>>> >>>>>>>>>>>
>>> >>>>>>>>>>>
>>> >>>>>>>>>>> #####################
>>> >>>>>>>>>>> I added in
dovecot.conf lines in passdb block:
>>> >>>>>>>>>>>    driver =
passwd-file
>>> >>>>>>>>>>>    args =
scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>> >>>>>>>>>>> and commented out
default lines
>>> >>>>>>>>>>>   #args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>>>   #driver = sql
>>> >>>>>>>>>>> When I try set again
default lines I got above error
>>> >>>>>>>>>> Can you run doveconf -n
with the configuration that causes the
>>> >> above
>>> >>>>>>>>>> error? Also it clearly
does SQL lookup, so that error is
>>> happening
>>> >>>>>> with
>>> >>>>>>>>>> SQL passdb. You need to
remember to restart dovecot between
>>> >>>>>>>>>> configuration changes.
>>> >>>>>>>>>>
>>> >>>>>>>>>> Aki
>>> >>>>>>>>>>
>>> >>>>>>>>>>> 2017-01-31 8:08
GMT+01:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
>>> >>>>>>>>>>>
>>> >>>>>>>>>>>> On 31.01.2017
09:06, Poliman - Serwis wrote:
>>> >>>>>>>>>>>>> I set up
cram-md5 using this tutorial
>>> >>>>>>>>>>>>>
https://wiki2.dovecot.org/HowTo/CRAM-MD5 in
>>> >>>>>>>> /etc/dovecot/dovecot.conf
>>> >>>>>>>>>> in
>>> >>>>>>>>>>>>> passdb code
block:
>>> >>>>>>>>>>>>> listen =
*,[::]
>>> >>>>>>>>>>>>> protocols =
imap pop3
>>> >>>>>>>>>>>>>
#auth_mechanisms = plain login cram-md5
>>> >>>>>>>>>>>>>
auth_mechanisms = cram-md5 plain login
>>> >>>>>>>>>>>>> #dodana nizej
linia
>>> >>>>>>>>>>>>> ssl = required
>>> >>>>>>>>>>>>>
disable_plaintext_auth = yes
>>> >>>>>>>>>>>>> log_timestamp
= "%Y-%m-%d %H:%M:%S "
>>> >>>>>>>>>>>>>
mail_privileged_group = vmail
>>> >>>>>>>>>>>>>
postmaster_address = postmaster at vps342401.ovh.net
>>> >>>>>>>>>>>>> ssl_cert =
</etc/postfix/smtpd.cert
>>> >>>>>>>>>>>>> ssl_key =
</etc/postfix/smtpd.key
>>> >>>>>>>>>>>>> ssl_protocols
= !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
>>> >>>>>>>>>>>>>
ssl_cipher_list >>>
>>>>>>>>>>>>>
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:
>>> >>>>>>>>>>>>
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384[
>>> >> image:
>>> >>>>>>>>>>>>>
:D]HE-RSA-AES128-GCM-SHA256[image: :D]HE-DSS-AES$
>>> >>>>>>>>>>>>>
ssl_prefer_server_ciphers = yes
>>> >>>>>>>>>>>>>
ssl_dh_parameters_length = 2048
>>> >>>>>>>>>>>>>
>>> >>>>>>>>>>>>>
>>> >>>>>>>>>>>>>
mail_max_userip_connections = 100
>>> >>>>>>>>>>>>> passdb {
>>> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>>>>> # driver = sql
>>> >>>>>>>>>>>>> driver =
passwd-file
>>> >>>>>>>>>>>>> args =
scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>> >>>>>>>>>>>>> }
>>> >>>>>>>>>>>>> userdb {
>>> >>>>>>>>>>>>> driver =
prefetch
>>> >>>>>>>>>>>>> }
>>> >>>>>>>>>>>>> userdb {
>>> >>>>>>>>>>>>> args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>>>>> driver = sql
>>> >>>>>>>>>>>>> }
>>> >>>>>>>>>>>>> Of course I
created cram-md5.pwd file. All mails go out and
>>> >> come
>>> >>>>>>>>>> nicely.
>>> >>>>>>>>>>>>> But after I
want to do default settings by commented out
>>> these
>>> >>>> two
>>> >>>>>>>>>> lines:
>>> >>>>>>>>>>>>> driver =
passwd-file
>>> >>>>>>>>>>>>> args =
scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>> >>>>>>>>>>>>> and uncomment
>>> >>>>>>>>>>>>> # args =
/etc/dovecot/dovecot-sql.conf
>>> >>>>>>>>>>>>> # driver = sql
>>> >>>>>>>>>>>>> I can't
send emails - I use Thunderbird - get error
>>> "logging on
>>> >>>>>>>> server
>>> >>>>>>>>>>>>>
mail.example.com not work out". Error in logs:
>>> >>>>>>>>>>>>> dovecot:
auth-worker(22698): Error: Auth worker sees
>>> different
>>> >>>>>>>>>>>>>
passdbs/userdbs than auth server.
>>> >>>>>>>>>>>>> dovecot: auth:
Error: read(anvil-auth-penalty) failed: EOF
>>> >>>>>>>>>>>>>
>>> >>>>>>>>>>>>> Is it possible
that hashed password from cram-md5.pwd file
>>> was
>>> >>>>>>>> written
>>> >>>>>>>>>> to
>>> >>>>>>>>>>>>> database (if
yes then where - I have ISPconfig)? I wasn't
>>> >> change
>>> >>>>>> any
>>> >>>>>>>>>>>> userdb
>>> >>>>>>>>>>>>> {} block and
this second userdb block has this same lines
>>> like
>>> >>>>>>>> default
>>> >>>>>>>>>>>>> settings in
passdb block.
>>> >>>>>>>>>>>>>
>>> >>>>>>>>>>>> Try
>>> >>>>>>>>>>>>
>>> >>>>>>>>>>>> auth_debug=yes
>>> >>>>>>>>>>>> auth_verbose=yes
>>> >>>>>>>>>>>>
>>> >>>>>>>>>>>> and see if it
gives any more reasonable messages.
>>> >>>>>>>>>>>>
>>> >>>>>>>>>>>> Aki
>>> >>>>>>>>>>>>
>>> >>>
>>> >
>>> >
>>>
>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *serwis at poliman.pl <serwis at poliman.pl>*
>>
>
>
>
> --
>
> *Pozdrawiam / Best Regards*
> *Piotr Bracha*
>
>
>
>
> *tel. 534 555 877*
>
> *serwis at poliman.pl <serwis at poliman.pl>*
>


-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*serwis at poliman.pl <serwis at poliman.pl>*

Seemingly Similar Threads

Search for more possibly parallel threads

dovecot - Feb 2017 - Dovecot auth-worker error after cram-md5 auth

Dovecot auth-worker error after cram-md5 auth

Dovecot auth-worker error after cram-md5 auth

Dovecot auth-worker error after cram-md5 auth

Seemingly Similar Threads