Hello,
- Dovecot 2.3.18 (originally Dovecot 2.3.16, but upgraded in an
attempt to fix issue)
- Ubuntu 20.04 using Dovecot repo
In my organization have run a cluster of dovecot proxy machines, with
the director service enabled in a transition period as we have
migrated all our users to do direct proxying to backend (e.g.
`proxy=y, host=192.168.0.2`), bypassing the director service.
Now that all users have been migrated, it is time to disable the
director service. However, even after removing all director
configuration ("doveconf -n | grep director" returns nothing) and
restarting the entire dovecot service (not just "doveadm reload"), the
error log still spits out these errors:
2022-04-29T11:27:25+0200 director: Error: Empty server list
2022-04-29T11:27:25+0200 director: Fatal: Invalid value for
director_mail_servers setting
2022-04-29T11:27:25+0200 master: Error: service(director): command
startup failed, throttling for 60.000 secs
Why is this happening? It's not critical, and logins work fine without
the director service running, but I'm trying to figure out why and
stop the log noise.
doveconf stuff:
root at director03:~# doveconf -n | grep director
# Hostname: director03
root at director03:~# doveconf -n
# 2.3.18 (9dd8408c18): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.18 (0bc28b32)
# OS: Linux 5.4.0-88-generic x86_64 Ubuntu 20.04.4 LTS
# Hostname: director03
debug_log_path = /var/log/dovecot.log
default_vsz_limit = 768 M
disable_plaintext_auth = no
doveadm_password = # hidden, use -P to show it
doveadm_port = 24245
event_exporter log {
format = json
format_args = time-rfc3339
transport = log
}
imap_id_retain = yes
info_log_path = /var/log/dovecot.log
lmtp_add_received_header = no
lmtp_proxy = yes
log_path = /var/log/dovecot.err
log_timestamp = "%FT%T%z "
login_greeting = %{hostname} ready.
login_log_format_elements = user=<%u> orig=<%{orig_user}> method=%m
proto=%s rip=%r lip=%l session=<%{session}> %c %k
login_proxy_max_disconnect_delay = 10 secs
login_trusted_networks = <redacted>
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
metric auth_passdb_request_finished {
filter = event=auth_passdb_request_finished AND category=service:auth
group_by = service passdb_name result
}
passdb {
args = /etc/dovecot/dovecot-redis.conf.ext
auth_verbose = yes
driver = dict
name = redis
override_fields = proxy=y
}
protocols = imap pop3 lmtp sieve
service doveadm {
inet_listener http {
port = 8080
}
}
service imap-login {
client_limit = 2048
executable = imap-login
inet_listener imap {
address port = 143
}
inet_listener imaps {
address port = 993
ssl = yes
}
process_limit = 32
process_min_avail = 16
service_count = 0
vsz_limit = 1 G
}
service lmtp {
inet_listener lmtp {
port = 24
}
}
service managesieve-login {
client_limit = 1024
executable = managesieve-login
inet_listener sieve {
address port = 4190
}
process_limit = 2
process_min_avail = 1
service_count = 0
vsz_limit = 1 G
}
service pop3-login {
client_limit = 2048
executable = pop3-login
inet_listener pop3 {
address port = 110
}
inet_listener pop3s {
address port = 995
ssl = yes
}
process_limit = 4
process_min_avail = 2
service_count = 0
vsz_limit = 1 G
}
service stats {
client_limit = 65536
inet_listener http {
port = 9900
}
}
ssl_cert = </etc/dovecot/wildcard.crt
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1
verbose_proctitle = yes
protocol imap {
mail_max_userip_connections = 25
}
protocol pop {
mail_max_userip_connections = 25
}
local 127.0.0.0/8 {
doveadm_password = # hidden, use -P to show it
}
> On 29/04/2022 12:37 Eirik Rye <rye at trojka.no> wrote: > > > Hello, > > - Dovecot 2.3.18 (originally Dovecot 2.3.16, but upgraded in an > attempt to fix issue) > - Ubuntu 20.04 using Dovecot repo > > In my organization have run a cluster of dovecot proxy machines, with > the director service enabled in a transition period as we have > migrated all our users to do direct proxying to backend (e.g. > `proxy=y, host=192.168.0.2`), bypassing the director service. > > Now that all users have been migrated, it is time to disable the > director service. However, even after removing all director > configuration ("doveconf -n | grep director" returns nothing) and > restarting the entire dovecot service (not just "doveadm reload"), the > error log still spits out these errors: > > 2022-04-29T11:27:25+0200 director: Error: Empty server list > 2022-04-29T11:27:25+0200 director: Fatal: Invalid value for > director_mail_servers setting > 2022-04-29T11:27:25+0200 master: Error: service(director): command > startup failed, throttling for 60.000 secs >Are you sure you do not have some script / monitoring still calling `doveadm director` commands? Aki
On 29/04/2022 11:37, Eirik Rye wrote:> doveconf stuff:Apologies for the poor doveconf formatting. Trying again: # 2.3.18 (9dd8408c18): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.18 (0bc28b32) # OS: Linux 5.4.0-88-generic x86_64 Ubuntu 20.04.4 LTS # Hostname: director03 debug_log_path = /var/log/dovecot.log default_vsz_limit = 768 M disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it doveadm_port = 24245 event_exporter log { format = json format_args = time-rfc3339 transport = log } imap_id_retain = yes info_log_path = /var/log/dovecot.log lmtp_add_received_header = no lmtp_proxy = yes log_path = /var/log/dovecot.err log_timestamp = "%FT%T%z " login_greeting = %{hostname} ready. login_log_format_elements = user=<%u> orig=<%{orig_user}> method=%m proto=%s rip=%r lip=%l session=<%{session}> %c %k login_proxy_max_disconnect_delay = 10 secs login_trusted_networks = <redacted> mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext metric auth_passdb_request_finished { filter = event=auth_passdb_request_finished AND category=service:auth group_by = service passdb_name result } passdb { args = /etc/dovecot/dovecot-redis.conf.ext auth_verbose = yes driver = dict name = redis override_fields = proxy=y } protocols = imap pop3 lmtp sieve service doveadm { inet_listener http { port = 8080 } } service imap-login { client_limit = 2048 executable = imap-login inet_listener imap { address port = 143 } inet_listener imaps { address port = 993 ssl = yes } process_limit = 32 process_min_avail = 16 service_count = 0 vsz_limit = 1 G } service lmtp { inet_listener lmtp { port = 24 } } service managesieve-login { client_limit = 1024 executable = managesieve-login inet_listener sieve { address port = 4190 } process_limit = 2 process_min_avail = 1 service_count = 0 vsz_limit = 1 G } service pop3-login { client_limit = 2048 executable = pop3-login inet_listener pop3 { address port = 110 } inet_listener pop3s { address port = 995 ssl = yes } process_limit = 4 process_min_avail = 2 service_count = 0 vsz_limit = 1 G } service stats { client_limit = 65536 inet_listener http { port = 9900 } } ssl_cert = </etc/dovecot/wildcard.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_min_protocol = TLSv1 verbose_proctitle = yes protocol imap { mail_max_userip_connections = 25 } protocol pop { mail_max_userip_connections = 25 } local 127.0.0.0/8 { doveadm_password = # hidden, use -P to show it } -- Eirik