Hi,
last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD).
Since then, I started having some issues with some customers.
The log I see is like:
pop3-login: Disconnected (tried to use unsupported auth mechanism):
user=<username at domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z,
session=<e5KkR5qto8hPAL9q>
While, before upgrade, same user logged succesfully:
pop3-login: Login: user=<username at domain.it>, method=PLAIN,
rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6>
This is my conf (unchanged since months):
# dovecot -n
# 2.3.11.3 (502c39af9): /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 12.1-RELEASE-p8 amd64 zfs
# Hostname: server
doveconf: Warning: please set ssl_dh=</usr/local/etc/dovecot/dh.pem
doveconf: Warning: You can generate it with: dd
if=/var/db/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der
> /usr/local/etc/dovecot/dh.pem
auth_mechanisms = plain login digest-md5 cram-md5
auth_verbose = yes
auth_verbose_passwords = yes
default_client_limit = 2000
default_process_limit = 500
default_vsz_limit = 512 M
disable_plaintext_auth = no
first_valid_gid = 125
first_valid_uid = 125
imap_id_log = *
mail_gid = 1003
mail_location = maildir:/mail/domains
mail_privileged_group = postfix
mail_uid = 1003
namespace inbox {
inbox = yes
location mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix }
passdb {
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-sql-crypt.conf.ext
driver = sql
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
group = postfix
mode = 0600
user = postfix
}
}
service imap {
process_limit = 1024
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl_cert = </etc/ssl/wildcard.domain.net_bundle.crt
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol imap {
mail_max_userip_connections = 100
}
any help?
Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20200824/9afb50c9/attachment-0001.html>
On Mon, Aug 24, 2020 at 17:11:04 +0200, absolutely_free at libero.it wrote:> Hi, > > last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD). > > Since then, I started having some issues with some customers. > > The log I see is like: > > pop3-login: Disconnected (tried to use unsupported auth mechanism): user=<username at domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z, session=<e5KkR5qto8hPAL9q> > > While, before upgrade, same user logged succesfully: > > pop3-login: Login: user=<username at domain.it>, method=PLAIN, rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6>The only thing that comes to mind is the pop3 issue where an auth attempt after a failed auth attempt would always fail. I'm not sure why the client that's having issues is failing the first attempt (unless it tries an unsupported mechanism first, and then tries to fall back to PLAIN). Anyway, there is a fix on the master branch. https://github.com/dovecot/core/commit/d0ea7f9f4530878a40ae0275cf0c36d3ff9111fc You can try to patch the 2.3.11.3 code with it and see if that helps. 2.3.12 and 2.3.11.4 (if there is one) will have this fix. Jeff. -- mainframe, n.: An obsolete device still used by thousands of obsolete companies serving billions of obsolete customers and making huge obsolete profits for their obsolete shareholders. And this year's run twice as fast as last year's.
Thank you! I really appreciate your help> Il 24/08/2020 18:37 Josef 'Jeff' Sipek <jeff.sipek at open-xchange.com> ha scritto: > > > On Mon, Aug 24, 2020 at 17:11:04 +0200, absolutely_free at libero.it wrote: > > Hi, > > > > last friday I upgraded from dovecot-2.3.10.1_2 to dovecot-2.3.11.3 (FreeBSD). > > > > Since then, I started having some issues with some customers. > > > > The log I see is like: > > > > pop3-login: Disconnected (tried to use unsupported auth mechanism): user=<username at domain.it>, method=USER, rip=x,y,x,z, lip=x,y,w,z, session=<e5KkR5qto8hPAL9q> > > > > While, before upgrade, same user logged succesfully: > > > > pop3-login: Login: user=<username at domain.it>, method=PLAIN, rip=x,y,x,z, lip=x,y,w,z, mpid=62876, session=<dMRmGWCtFtJtdcy6> > > The only thing that comes to mind is the pop3 issue where an auth attempt > after a failed auth attempt would always fail. I'm not sure why the client > that's having issues is failing the first attempt (unless it tries an > unsupported mechanism first, and then tries to fall back to PLAIN). Anyway, > there is a fix on the master branch. > > https://github.com/dovecot/core/commit/d0ea7f9f4530878a40ae0275cf0c36d3ff9111fc > > You can try to patch the 2.3.11.3 code with it and see if that helps. > 2.3.12 and 2.3.11.4 (if there is one) will have this fix. > > Jeff. > > -- > mainframe, n.: > An obsolete device still used by thousands of obsolete companies serving > billions of obsolete customers and making huge obsolete profits for their > obsolete shareholders. And this year's run twice as fast as last year's.