search for: auth_failure_delay

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm using Dovecot v2.2 with unix_listener auth-client { } to verify passwords for a different service. However, it looks like that auth_failure_delay effects all connects going through that socket. I mean: connect /var/run/dovecot2.2/auth-client attempt bad auth 2s penalty NO disconnect ==> Note, it's another connection almost immediately following each connect /var/run/dovecot2.2/auth-client attempt good auth 2s penalty OK disconnect...

...e authentication server to test IMAP, IMAPs, POP3, and APOP. To run the tests (most of which are authentication failures), I configure dovecot without authentication failure delays, since obviously I don't want to wait several minutes for the tests to finish. Setting the configuration variable auth_failure_delay to 0 worked fine in Dovecot 1.2, but since Debian updated to Dovecot 2.0 it no longer works. The tests take a very long time to run. I tried changing my passwd file to include nodelay=y, but this only works in a very limited way. For the set of tests which use the correct username, but an incorrec...

...58982849 [AUTHENTICATIONFAILED] Authentication failed. 4.50464391708 [AUTHENTICATIONFAILED] Authentication failed. 8.50679802895 [AUTHENTICATIONFAILED] Authentication failed. 15.5040819645 [AUTHENTICATIONFAILED] Authentication failed. 15.5039038658 (Note that these results are with auth_failure_delay set to 0, more on that in a bit.) Aside from the extra half second on each attempt (which I have no clue about), there is no delay on the first attempt. Subsequent delays seem to have the correct timing. I *think* this is because auth_penalty_lookup is called from auth_request_handler_auth_begin, t...

Hi Robert, On 07/18/2017 11:43 PM, Robert Schetterer wrote: > i guess not, but typical bots arent using ssl, check it > > however fail2ban sometimes is to slow I have configured dovecot with auth_failure_delay = 10 secs I hope that before the 10 sec are over, dovecot will have logged about the failed login attempt, and fail2ban will have blocked the ip by then. MJ

Currently Dovecot works like this when authentication fails: - the delay is always at least auth_failure_delay seconds (default: 2s) - each failed attempt doubles the delay for that specific imap/pop3 connection (no such delays for e.g. smtp) - the delay's upper limit is 3 minutes For v2.0 I was planning on making dovecot-auth process do these checks and keeping the state in anvil process: - the de...

OK, I obviously forgot something when setting up new user accounts (which I did via postfix admin to add them to the MySQL database): dovecot: lda(chance at example.com): Error: User initialization failed: Namespace '': Ambiguous mail location setting, don't know what to do with it: /usr/local/virtual/chance@ example.com (try prefixing it with mbox: or milder:) I have lots of mysql

...userdb { } unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } } service auth-worker { } service dict { unix_listener dict { } } disable_plaintext_auth = no auth_cache_size = 1024 auth_cache_ttl = 1 hour auth_cache_negative_ttl = 1 hour auth_failure_delay = 60 secs auth_mechanisms = plain login passdb { driver = pam args = cache_key=%u%r%s * } userdb { driver = passwd } mail_location = maildir:~/Maildir mail_plugin_dir = /usr/lib/dovecot mail_plugins = $mail_plugins mail_log notify maildir_very_dirty_syncs = yes protocol imap { mail_max_userip_...

...tfix want to write to /var/log/dovecot.log. I never said postfix was writing to dovecot's log. What gave you that idea? # doveconf -n # 2.2.34 (874deae): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.22 (22940fb7) # OS: FreeBSD 11.1-RELEASE-p4 i386 # Hostname: mail.covisp.net auth_failure_delay = 5 secs auth_mechanisms = PLAIN LOGIN default_client_limit = 4096 default_process_limit = 1024 default_vsz_limit = 768 M disable_plaintext_auth = no first_valid_uid = 89 imap_id_log = * lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes log_path = /var/log/dovecot login_log_format_elemen...

Aki Tuomi wrote: > > Can you do > > doveconf -a | grep auth_mech > auth_mechanisms = plain login P.S. Seems this 2.2.24 is the last win10 compatible version (as my testserver doesn't have win10 users and thunderbird works well), any never version gives an error. However I didn't find any hint from http://www.dovecot.org/list/dovecot-news/2016-July/000324.html etc. --

...onfiguration of the backend Dovecot instance. # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.5.2.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.3 (Santiago) auth_cache_negative_ttl = 3 secs auth_cache_size = 100 M auth_cache_ttl = 10 mins auth_default_realm = example.com auth_failure_delay = 5 secs auth_mechanisms = plain login auth_verbose_passwords = sha1 auth_worker_max_count = 25 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_gid = 12 first_valid_uid = 8 last_valid_gid = 12 last_valid_uid = 8 login_greeting = Hello there. login_log_format_elements = user=&lt...

...master: service(imap): child 20258 killed with signal 6 (core not dumped - set service imap { drop_priv_before_exec=yes }) Here is config output: root at mail2:/userM/mail-services/dovecot/sbin# ./dovecot -n # 2.2.13: /userM/mail-services/dovecot/etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc auth_failure_delay = 5 secs auth_mechanisms = plain login cram-md5 auth_worker_max_count = 300 base_dir = /userM/mail-services/dovecot/var/run/dovecot/ disable_plaintext_auth = no hostname = mail2.engr.colostate.edu managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encode...

What syntax is needed to make this work? The 2.0 wiki recomendations don't work - I can see the inboxes or the folders but not both at once and there are lots of error messages about prefix clashes if I simply use the existing 2.0.20 conf file on 2.1.6 The layout I have is: Inboxes in mbox format - /var/spool/mail/%u Folders in maildir format - /var/spool/imap/%u/Maildir/ Control and

...something wrong with my config? Any hints are welcome. Thanks in advance, Florian dovecot -n # 2.2.12.12 (03196f188677): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-042stab085.20 x86_64 CentOS release 6.5 (Final) auth_cache_negative_ttl = 10 mins auth_cache_size = 10 M auth_cache_ttl = 2 hours auth_failure_delay = 10 secs auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_gid = 105 first_valid_uid = 105 hostname = ... imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_idle_notify_int...

...quot;to" ?+(.*)@" { fileinto :create ?${1}"; stop; } Seems like it should work. Should I add this to default.sieve? # 2.3.6 (7eab80676): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.5.6 (92dc263a) # OS: FreeBSD 11.2-RELEASE-p10 i386 # Hostname: mail.covisp.net auth_failure_delay = 5 secs auth_mechanisms = PLAIN LOGIN default_client_limit = 4096 default_process_limit = 1024 default_vsz_limit = 768 M disable_plaintext_auth = no first_valid_uid = 89 imap_id_log = * login_log_format_elements = user=<%u> %r %m %c mail_location = maildir:~/Maildir mail_max_userip_connectio...

...it who rely on it. Here is my local.conf ( I added the ssl_protocols and ssl_min_protocol entries just a few minutes ago while attempting to resolve) auth_cache_size = 100 k auth_cache_ttl = 12 hours auth_cache_negative_ttl = 12 hours auth_cache_verify_password_with_worker=yes auth_verbose = yes auth_failure_delay = 7 secs default_client_limit = 500 default_process_limit = 50 default_vsz_limit = 100 M verbose_proctitle = yes protocols = pop3 imap pop3_uidl_format = %08Xu%08Xv imap_idle_notify_interval = 244 secs info_log_path = /var/log/dovecot-info.log log_path = /var/log/dovecot-error.log maildir_very_dirt...

...1.38.25.png?dl=0> # cat /usr/local/etc/dovecot/virtual/month/dovecot-vitual # ~/Maildir/virtual/month/dovecot-virtual * all younger 2678400 # doveconf -n # 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: FreeBSD 11.1-RELEASE-p4 i386 auth_failure_delay = 5 secs auth_mechanisms = PLAIN LOGIN default_client_limit = 4096 default_process_limit = 1024 default_vsz_limit = 768 M disable_plaintext_auth = no first_valid_uid = 89 imap_id_log = * lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_log_format_elements = user=<%u> %r %m %...

...deleting the old dovecot.index* or dovecot-uidlist files from maildirs, or doing an doveadm force-refresh for all inboxes ? Thank you ! Here's my configuration: # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.16 (fed8554) # OS: Linux 4.9.0-8-amd64 x86_64 Debian 9.6 nfs auth_failure_delay = 15 secs auth_mechanisms = plain login auth_verbose = yes auth_worker_max_count = 256 default_client_limit = 40000 default_process_limit = 512 dict { lastlogin = mysql:/etc/dovecot/mysql/dovecot-dict-lastlogin.conf quotadict = mysql:/etc/dovecot/mysql/dovecot-dict-quota.conf } disable_plaintex...

...ist files from maildirs, or doing an doveadm force-refresh for > all inboxes ? > > Thank you ! > > Here's my configuration: > > # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.16 (fed8554) > # OS: Linux 4.9.0-8-amd64 x86_64 Debian 9.6 nfs > auth_failure_delay = 15 secs > auth_mechanisms = plain login > auth_verbose = yes > auth_worker_max_count = 256 > default_client_limit = 40000 > default_process_limit = 512 > dict { > lastlogin = mysql:/etc/dovecot/mysql/dovecot-dict-lastlogin.conf > quotadict = mysql:/etc/dovecot/mysql/do...

...ap16 dovecot: auth: Fatal: master: service(auth): child 6133 killed with signal 6 (core dumped) Config: # 2.3.9.2 (844fc8246): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.9 (db4e9a2f) # OS: Linux 4.9.0-12-amd64 x86_64 Debian 9.12 # Hostname: imap16.domain.de auth_default_realm = domain.de auth_failure_delay = 0 auth_mechanisms = plain login cram-md5 auth_username_format = %{if;%d;eq;domain.de;%n at olddomain.de;%u} auth_verbose = yes base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = pop default_process_limit = 400 default_vsz_limit = 1 G doveadm_password = # hidden, use...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 13 Feb 2014, Murray Trainer wrote: > Haven't setup mail delivery yet but the lda will need some sort of > setuid access to write mail to the user folders. That's one reason I switched to LMTP at last. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)