Hmm, can this be related to SMTP brute force attack attempts and
Postfix, using conf:
smtpd_junk_command_limit = 2
smtpd_error_sleep_time = 15s
smtpd_soft_error_limit = 5
smtpd_hard_error_limit = 10
smtpd_client_connection_count_limit = 5
smtpd_client_connection_rate_limit = 30
cuts connection and Dovecot gives error. But since Postfix conf have
been same for a long time and these errors came with Dovecot 2.3.3, then
seems I just must ignore them, however the error type is a bit spooky
(like debug message), so maybe some human readable explanation in logs
would be better. :).
Timo Sirainen wrote:
> On 26 Nov 2018, at 13.16, Mart Pirita <sysad...@e-positive.ee> wrote:
>> Hi,
>>
>> Auth process is not constantly being shutdown and/or restarted and Dovecot
>> is used for SMTP authentication (Postfix).
>>
>> Checked few servers logs, they are running v2.3.3, for example latest
>> (some day none, some day a lot, some day few) logs:
>>
>> Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0
>> leaked (parent=(nil)): auth-client-connection.c:338
> I suppose these are happening because of:
>
>>>>>> dovecot: auth: Warning: auth client 0 disconnected with 1 pending
>>>>>> requests: EOF: 12 Time(s)
> Which probably happens when Postfix disconnects from Dovecot before the
> authentication has finished.
>
> I can reproduce these if I set up PAM authentication and then do:
>
> doveadm auth test testuser wrongpass
> <ctrl-c>
>
> Repeat the above a few times. Each time logs:
>
> Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1
> pending requests: EOF
>
> Then stop Dovecot (or auth process at least):
>
> Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked
> (parent=(nil)): auth-client-connection.c:338
>
>
--
Mart
