It looks like the issue is fixed. It seems for whatever reason when I edited 10-auth.conf to uncomment auth_username_format = %Lu -- at some point the var was changed using an invalid format and Dovecot restarted. When auth_username_format had valid defined vars and Dovecot restarted, /var/lib/dovecot did not 'update' from what I could tell. It looks like /var/lib/dovecot somehow did not know about the updated correction made and even when having the option commented out as it continued to spit out errors ~5 min.
Ultimately stopping dovecot and moving aside /var/lib/dovecot to
dovecot.problem, then starting dovecot recreated /var/lib/dovecot. This
now results in no more errors. Everything is good again. Sorry for the
noise.
Cheers,
Tony
> /etc/dovecot/conf.d/10-auth.conf by simply enabling
> "*auth_username_format = %Lu*"
On 8/26/17 3:58 AM, Tony wrote:
> Did some additional testing with these results.
>
> * Configured a new Dovecot host (copied over existing config from 1 of
> the replicated hosts.
> * Verified permissions on new host
>
> drwxr-xr-x 3 root root 4096 Aug 26 00:05 /etc/dovecot/
> drwxr-xr-x 5 root dovecot 800 Aug 26 02:50 /var/run/dovecot/
>
>
> Made sure address matches new host:
>
> service lmtp {
> user = vmail
> inet_listener lmtp {
> address = 173.xxx.xxx.xxx 192.xxx.xxx.xxx 127.0.0.1 ::1
> port = 24
> }
>
> Verified replication is unrelated from new host:
>
> replication plugin = disabled (no errors)
> replication plugin = enabled (same error on existing replicated host,
> but not new host)
>
> new host serving Dovecot by itself with no replication: no errors
> new host serving Dovecot with replication (target: existing replication
> host): no errors (but existing host still gives errors)
>
> existing host serving Dovecot with replication: errors
> existing host serving Dovecot by itself with no replication: errors
>
>
> New Working Dovecot Instance:
>
> # ll /var/run/dovecot/
> total 4
> srw------- 1 root root 0 Aug 26 01:50 anvil
> srw------- 1 root root 0 Aug 26 01:50 anvil-auth-penalty
> srw------- 1 dovecot root 0 Aug 26 01:50 auth-client
> srw------- 1 dovecot root 0 Aug 26 01:50 auth-login
> srw------- 1 root root 0 Aug 26 01:50 auth-master
> -rw------- 1 root root 32 Aug 26 01:50 auth-token-secret.dat
> srw-rw---- 1 vmail vmail 0 Aug 26 01:50 auth-userdb
> srw------- 1 dovecot root 0 Aug 26 01:50 auth-worker
> srw------- 1 vmail root 0 Aug 26 01:50 config
> srw-rw---- 1 vmail vmail 0 Aug 26 01:50 dict
> srw------- 1 root root 0 Aug 26 01:50 dict-async
> srw------- 1 root root 0 Aug 26 01:50 director-admin
> srw------- 1 root root 0 Aug 26 01:50 director-userdb
> srw-rw-rw- 1 root root 0 Aug 26 01:50 dns-client
> srw------- 1 root root 0 Aug 26 01:50 doveadm-server
> lrwxrwxrwx 1 root root 25 Aug 26 01:50 dovecot.conf ->
> /etc/dovecot/dovecot.conf
> drwxr-xr-x 2 root root 40 Aug 26 01:49 empty
> srw------- 1 root root 0 Aug 26 01:50 imap-hibernate
> srw------- 1 root root 0 Aug 26 01:50 imap-master
> srw-rw-rw- 1 root root 0 Aug 26 01:50 imap-urlauth
> srw------- 1 dovecot root 0 Aug 26 01:50 imap-urlauth-worker
> srw-rw-rw- 1 root root 0 Aug 26 01:50 indexer
> srw------- 1 dovecot root 0 Aug 26 01:50 indexer-worker
> srw------- 1 root root 0 Aug 26 01:50 ipc
> srw-rw-rw- 1 root root 0 Aug 26 01:50 lmtp
> srw------- 1 root root 0 Aug 26 01:50 log-errors
> drwxr-x--- 2 root dovenull 160 Aug 26 01:50 login
> srw------- 1 root root 0 Aug 26 01:50 master
> srw------- 1 vmail root 0 Aug 26 01:50 quota-warning
> srw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify
> prw-rw-rw- 1 vmail root 0 Aug 26 01:50 replication-notify-fifo
> srw------- 1 dovecot root 0 Aug 26 01:50 replicator
> srw-rw-rw- 1 dovecot root 0 Aug 26 01:50 replicator-doveadm
> srw-rw-rw- 1 root root 0 Aug 26 01:50 ssl-params
> srw------- 1 root root 0 Aug 26 01:50 stats
> prw------- 1 vmail root 0 Aug 26 02:47 stats-mail
> prw------- 1 root root 0 Aug 26 01:50 stats-user
> drwxr-x--- 2 root dovenull 80 Aug 26 01:50 token-login
>
> Existing replicated instance with errors:
>
> # ll /var/run/dovecot/
> total 8
> srw------- 1 root root 0 Aug 26 03:31 anvil
> srw------- 1 root root 0 Aug 26 03:31 anvil-auth-penalty
> srw------- 1 dovecot root 0 Aug 26 03:31 auth-client
> srw------- 1 dovecot root 0 Aug 26 03:31 auth-login
> srw------- 1 root root 0 Aug 26 03:31 auth-master
> -rw------- 1 root root 32 Aug 26 02:11 auth-token-secret.dat
> srw-rw---- 1 vmail vmail 0 Aug 26 03:31 auth-userdb
> srw------- 1 dovecot root 0 Aug 26 03:31 auth-worker
> srw------- 1 vmail root 0 Aug 26 03:31 config
> srw-rw---- 1 vmail vmail 0 Aug 26 03:31 dict
> srw------- 1 root root 0 Aug 26 03:31 dict-async
> srw------- 1 root root 0 Aug 26 03:31 director-admin
> srw------- 1 root root 0 Aug 26 03:31 director-userdb
> srw-rw-rw- 1 root root 0 Aug 26 03:31 dns-client
> srw------- 1 root root 0 Aug 26 03:31 doveadm-server
> lrwxrwxrwx 1 root root 25 Aug 26 03:31 dovecot.conf ->
> /etc/dovecot/dovecot.conf
> drwxr-xr-x 2 root root 40 Aug 26 02:11 empty
> srw------- 1 root root 0 Aug 26 03:31 imap-hibernate
> srw------- 1 root root 0 Aug 26 03:31 imap-master
> srw-rw-rw- 1 root root 0 Aug 26 03:31 imap-urlauth
> srw------- 1 dovecot root 0 Aug 26 03:31 imap-urlauth-worker
> srw-rw-rw- 1 root root 0 Aug 26 03:31 indexer
> srw------- 1 dovecot root 0 Aug 26 03:31 indexer-worker
> srw------- 1 root root 0 Aug 26 03:31 ipc
> srw-rw-rw- 1 root root 0 Aug 26 03:31 lmtp
> srw------- 1 root root 0 Aug 26 03:31 log-errors
> drwxr-x--- 2 root dovenull 160 Aug 26 03:31 login
> srw------- 1 root root 0 Aug 26 03:31 master
> -rw------- 1 root root 5 Aug 26 03:31 master.pid
> srw------- 1 vmail root 0 Aug 26 03:31 quota-warning
> srw-rw-rw- 1 vmail root 0 Aug 26 03:31 replication-notify
> prw-rw-rw- 1 vmail root 0 Aug 26 03:44 replication-notify-fifo
> srw------- 1 dovecot root 0 Aug 26 03:31 replicator
> srw-rw-rw- 1 dovecot root 0 Aug 26 03:31 replicator-doveadm
> srw-rw-rw- 1 root root 0 Aug 26 03:31 ssl-params
> srw------- 1 root root 0 Aug 26 03:31 stats
> prw------- 1 vmail root 0 Aug 26 03:44 stats-mail
> prw------- 1 root root 0 Aug 26 03:31 stats-user
> drwxr-x--- 2 root dovenull 80 Aug 26 03:31 token-login
>
> The 2 existing replicated hosts continue to spit out the error ~5 min.
> The new host running the same Dovecot version on the same OS/distro did
> not get errors with and without replication. I have compared configs and
> permissions on both hosts which are identical and can't seem to find any
> distinct differences that would help explain the error. I have also
> tried clearing out Dovecot's index files on the 2 problematic hosts to
> no avail using:
>
> systemctl stop dovecot
> find "$home" -type f -name dovecot.index -delete
> find "$home" -type f -name dovecot.index.cache -delete
> find "$home" -type f -name dovecot.index.log -delete
> find "$home" -type f -name dovecot.index.log.2 -delete
> systemctl start dovecot
>
> Clearing the index files made no different as the error continues ~5 min.
>
> I can't wrap my head around this one and am not sure what else to try.
>
> -
> Tony
>
> On 8/25/17 9:40 AM, Tony wrote:
>> Hello,
>>
>> Absolutely. Here is the output of doveconf -n:
>>
>> # doveconf -n
>> # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.19 (e5c7051)
>> # OS: Linux 4.9.36-x86_64-linodexx x86_64 Arch Linux
>> auth_mechanisms = plain login
>> base_dir = /var/run/dovecot/
>> dict {
>> expire = ldap:/etc/dovecot/dovecot-ldap.conf.ext
>> quota = ldap:/etc/dovecot/dovecot-ldap.conf.ext
>> }
>> doveadm_password = # hidden, use -P to show it
>> doveadm_port = 4343
>> mail_attachment_hash = %{sha256}
>> mail_gid = vmail
>> mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/
>> mail_plugins = " mailbox_alias acl quota stats mail_log notify replication"
>> mail_privileged_group = mail
>> mail_uid = vmail
>> mailbox_list_index = yes
>> maildir_very_dirty_syncs = yes
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
>> extracttext spamtest spamtestplus
>> namespace inbox {
>> inbox = yes
>> location =
>> mailbox Archive {
>> special_use = \Archive
>> }
>> mailbox Drafts {
>> auto = subscribe
>> special_use = \Drafts
>> }
>> mailbox Flagged {
>> special_use = \Flagged
>> }
>> mailbox Junk {
>> special_use = \Junk
>> }
>> mailbox Sent {
>> auto = subscribe
>> special_use = \Sent
>> }
>> mailbox "Sent Messages" {
>> auto = subscribe
>> special_use = \Sent
>> }
>> mailbox Spam {
>> auto = subscribe
>> special_use = \Junk
>> }
>> mailbox Trash {
>> auto = subscribe
>> special_use = \Trash
>> }
>> mailbox virtual/All {
>> auto = no
>> special_use = \All
>> }
>> prefix =
>> }
>> passdb {
>> args = /etc/dovecot/dovecot-ldap.conf.ext
>> driver = ldap
>> }
>> plugin {
>> mail_log_events = delete undelete expunge copy mailbox_delete
>> mailbox_rename
>> mail_log_fields = uid box msgid size
>> mail_replica = tcp:orbitron.domain.net:4343
>> quota = maildir:User quota
>> quota_grace = 10%%
>> quota_rule = *:storage=2G
>> quota_rule2 = Trash:storage=+10%%
>> quota_rule3 = Spam:storage=+20%%
>> quota_status_nouser = DUNNO
>> quota_status_overquota = 552 5.2.2 Mailbox is full
>> quota_status_success = DUNNO
>> quota_warning = storage=100%% quota-warning +100 %u
>> quota_warning2 = storage=95%% quota-warning +95 %u
>> quota_warning3 = storage=80%% quota-warning +80 %u
>> quota_warning4 = -storage=100%% quota-warning -100 %u
>> sieve = ~/.dovecot.sieve
>> sieve_dir = ~/.sieve
>> sieve_extensions = +spamtest +spamtestplus +relational
>> +comparator-i;ascii-numeric
>> stats_refresh = 30 secs
>> stats_track_cmds = yes
>> }
>> protocols = imap pop3 lmtp sieve
>> service aggregator {
>> fifo_listener replication-notify-fifo {
>> mode = 0666
>> user = vmail
>> }
>> unix_listener replication-notify {
>> mode = 0666
>> user = vmail
>> }
>> }
>> service auth {
>> unix_listener auth-userdb {
>> group = vmail
>> mode = 0660
>> user = vmail
>> }
>> }
>> service config {
>> unix_listener config {
>> user = vmail
>> }
>> }
>> service dict {
>> unix_listener dict {
>> group = vmail
>> mode = 0660
>> user = vmail
>> }
>> user = root
>> }
>> service doveadm {
>> inet_listener {
>> port = 4343
>> }
>> user = vmail
>> }
>> service imap-login {
>> inet_listener imap {
>> port = 143
>> }
>> inet_listener imaps {
>> port = 993
>> ssl = yes
>> }
>> }
>> service lmtp {
>> inet_listener lmtp {
>> address = 66.175.xxx.xx 192.168.176.128 127.0.0.1 ::1
>> port = 24
>> }
>> unix_listener /var/spool/postfix/private/dovecot-lmtp {
>> group = postfix
>> mode = 0600
>> user = postfix
>> }
>> user = vmail
>> }
>> service managesieve-login {
>> inet_listener sieve {
>> port = 4190
>> }
>> service_count = 1
>> vsz_limit = 64 M
>> }
>> service quota-status {
>> client_limit = 1
>> executable = quota-status -p postfix
>> inet_listener {
>> port = 12340
>> }
>> }
>> service quota-warning {
>> executable = script /usr/local/bin/quota-warning.sh
>> unix_listener quota-warning {
>> user = vmail
>> }
>> user = dovecot
>> }
>> service replicator {
>> process_min_avail = 1
>> unix_listener replicator-doveadm {
>> mode = 0666
>> }
>> }
>> service stats {
>> fifo_listener stats-mail {
>> mode = 0600
>> user = vmail
>> }
>> }
>> ssl_ca = </etc/dovecot/ssl/STAR_domain_net.ca-bundle
>> ssl_cert = </etc/dovecot/ssl/STAR_domain_net.crt
>> ssl_key = # hidden, use -P to show it
>> userdb {
>> args = /etc/dovecot/dovecot-ldap.conf.ext
>> default_fields = home=/home/vmail/%d/%u
>> driver = ldap
>> }
>> protocol lmtp {
>> mail_plugins = " mailbox_alias acl quota stats mail_log notify
>> replication sieve"
>> postmaster_address = postmaster@domain.email
>> }
>> protocol lda {
>> mail_plugins = sieve quota
>> postmaster_address = postmaster@domain.email
>> syslog_facility = mail
>> }
>> protocol imap {
>> mail_max_userip_connections = 10
>> mail_plugin_dir = /usr/lib/dovecot/modules
>> mail_plugins = " mailbox_alias acl quota stats mail_log notify
>> replication imap_quota"
>> }
>> protocol sieve {
>> mail_max_userip_connections = 10
>> managesieve_implementation_string = Dovecot Pigeonhole
>> managesieve_max_line_length = 65536
>> }
>>
>>
>> The posted Dovecot configs are identical on both this host and the
>> replica host. The only thing I tested but reverted was enabling
>> `auth_username_format=%Lu` because I wanted to test logging in with
>> username@domain which did work just fine, but I wanted to continue just
>> logging in with only the username, so I commented the option and
>> restarted dovecot so the option now looks like it does by default.
>>
>> #auth_username_format=%Lu
>>
>> Strange thing is that Dovecot appears to be working as expected (i.e
>> still retrieving IMAP mail, can authenticate just fine, etc). Could this
>> be a bug with my existing version of Dovecot?
>>
>> While spending time trying to resolve the annoying error I reported in
>> the logs I looked over https://www.dovecot.org/doc/NEWS and only found 1
>> change for 2.2.32 related to Config:
>>
>> v2.2.32 2017-08-24
>> * config: Log a warning if plugin { key=no } is used explicitly. v2.3
>> will support "no" properly in plugin settings, but for now any value at
>> all for a boolean plugin setting is treated as "yes", even if it's
>> written as explicit "no". This change will now warn that it most likely
>> won't work as intended.
>>
>> Thank You,
>> Tony
>>
>> On 8/25/17 2:39 AM, Aki Tuomi wrote:
>>> > On August 25, 2017 at 9:11 AM Tony <tony@kode.email> wrote:
>>> >
>>> >
>>> > Hello,
>>> >
>>> > Today I started noticing a very odd Dovecot error in the mail logs
>>> > across 2 replicated Dovecot hosts via dsync. I have searched the
>>> Dovecot
>>> > archives, Google, back tracked, downgraded Dovecot to earlier versions
>>> > from earlier this year and ruled everything out I could think of to no
>>> > avail. There really are not any helpful reports with what I am
>>> > specifically seeing. The strange thing is only vm...@domain.net is
>>> > repeatedly shown in the log. The error looks like this.
>>> >
>>> > *Aug 24 22:46:02 orbitron dovecot: config: Error: BUG: Config client
>>> > connection sent too much data****Aug 24 22:46:02 orbitron dovecot:
>>> >
>>> doveadm(vm...@domain.net@domain....@domain.net@domain....@domain.net@domain....@domain.net@domain....@domain.net):
>>> > Fatal: Error reading configuration: read(/var/run/dovecot/config)
>>> > failed: read(size=8192) failed: Connection reset by peer***
>>> > $ dovecot --version
>>> > 2.2.31 (65cde28)
>>> >
>>> > Dovecot #1: Linux kernel 4.9.36-x86_64
>>> > Dovecot #2: Linux kernel 4.12.8-x86_64
>>> >
>>> > Here are the latest Dovecot updates performed this year.
>>> >
>>> > [2017-04-29 14:45] [ALPM] upgraded dovecot (2.2.28-2 -> 2.2.28-3)
>>> > [2017-05-02 23:05] [ALPM] upgraded dovecot (2.2.28-3 -> 2.2.29.1-1)
>>> > [2017-06-11 17:20] [ALPM] upgraded dovecot (2.2.29.1-1 ->
>>> 2.2.30.2-1)
>>> > [2017-06-30 22:46] [ALPM] upgraded dovecot (2.2.30.2-1 -> 2.2.31-1)
>>> >
>>> > When Dovecot was last updated back on June 30, I did `systemctl
>>> > daemon-reload` but never actually restarted the Dovecot daemon until
>>> > what seems like today. The only thing I did today was edit
>>> > /etc/dovecot/conf.d/10-auth.conf by simply enabling
>>> > "*auth_username_format = %Lu*" which was commented out before I enabled
>>> > it. That is the /*only*/ thing that I tested. After I was done testing
>>> I
>>> > went back and commented out the same thing so it reads
>>> > "*#auth_username_format = %Lu*" and of course restarted Dovecot. I
>>> > really doubt this has anything to do with what I am reporting as auth
>>> is
>>> > not the problem in this case.
>>> >
>>> >
>>> > Thank You,
>>> >
>>> > Tony
>>> >
>>>
>>> Can you provide doveconf -n.
>>>
>>> Also auth_username_format=%Lu*, why *?
>>>
>>> Aki</tony@kode.email>
>>>
>
signature.asc
Description: OpenPGP digital signature
