[Dovecot] Auth error in log
Hi,
I have a setup with Dovecot handling a few virtual domains delivering mails to both local Unix account mailboxes and separate mailboxes for virtual users defined in a MySQL database. A quick overview of the configuration shows two passdb definitions:
auth default {
  mechanisms = plain login
  passdb pam {
    args = dovecot
  }
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  userdb passwd {
    args = mail=maildir:~/Maildir blocking=yes
  }
  userdb static {
    args = uid=vmail gid=mail home=/var/spool/vmail/%d/%n allow_all_users=yes
  }
  user = root
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
      group = mail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
  !include_try /etc/dovecot/auth.d/*.auth
}
When a virtual user defined in the MySQL database tries to log in using IMAP or SMTP I always get auth failures logged in the system logs. Entries are like this:
Aug 21 06:25:36 roadrunner dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=luser@mydomain.com rhost=85.224.xx.xx
I assume these failures come from the fact that PAM doesn't recognize the virtual users and Dovecot continues to the SQL passdb entry. As a result I get a _lot_ of auth failures in the logs.
I have tried to come up with a way where the auth failures from PAM aren't logged if the SQL authentication is successful. Is this possible or are there any other recommended ways to handle this?
/PH
-- Per-Henrik Lundblom email: ph@whatever.nu phone: +46 733 207126 webpage: www.whatever.nu
Hi,
Also attached a dovecot -n dump:
1.2.9: /etc/dovecot/dovecot.conf
OS: Linux 2.6.35-23-generic-pae i686 Ubuntu 10.04.4 LTS ext4
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap imaps pop3 pop3s
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
first_valid_uid: 117
mail_privileged_group: mail
mail_location: maildir:/var/spool/vmail/%d/%n/Maildir
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
lda:
  postmaster_address: postmaster@mydomain.com
  auth_socket_path: /var/run/dovecot/auth-master
  log_path: /var/spool/vmail/dovecot-deliver.log
auth default:
  mechanisms: plain login
  passdb:
    driver: pam
    args: dovecot
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  userdb:
    driver: passwd
    args: mail=maildir:~/Maildir blocking=yes
  userdb:
    driver: static
    args: uid=vmail gid=mail home=/var/spool/vmail/%d/%n allow_all_users=yes
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: mail
/PH
-- Per-Henrik Lundblom email: ph@whatever.nu phone: 0733-20 71 26 webpage: www.whatever.nu
On 02 Sep 2013, at 07:40 , Per-Henrik Lundblom <ph@whatever.nu> wrote:
There's nothing to solve. If you have multiple authentication methods then any but the right one will fail, obviously.
That said, I don't see these at all (I have pam and sql set).
Are you logging to a dovecot log file or to syslog?
This is what I see in maillog:
Sep 2 15:00:51 mail dovecot: imap-login: Login: user=<*user*@*domain.tld*>, 12.34.56.789, PLAIN, TLS
Sep 2 10:10:54 mail dovecot: imap-login: Login: user=<kremels>, 12.34.56.798, PLAIN, TLS
-- In other news, Gandalf died. -- Secret Diary of Boromir
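Added example, not part of either poster's message: since the PAM failures are expected whenever a virtual user falls through to the SQL passdb, one way to keep the log useful is to pair each pam_unix failure with a successful Dovecot login for the same user shortly afterwards and report only the failures that stay unpaired. The function names, the 5-second window, the supplied year and the sample lines (documentation addresses, example.com users) are assumptions of this sketch; the two line formats are the ones quoted in the thread.

```python
import re
from datetime import datetime, timedelta

# Line formats as quoted in the thread (pam_unix failure, imap-login success).
PAM_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ dovecot-auth: pam_unix\(dovecot:auth\): "
    r"authentication failure;.*\bruser=(?P<user>\S*) rhost=(?P<rhost>\S*)")
LOGIN_OK = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ dovecot: \S+-login: Login: user=<(?P<user>[^>]+)>")

# Constructed sample input, not taken from a real server.
SAMPLE = """\
Sep  2 10:10:52 mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=alice@example.com rhost=203.0.113.7
Sep  2 10:10:54 mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=alice@example.com rhost=198.51.100.20
Sep  2 10:10:54 mail dovecot: imap-login: Login: user=<alice@example.com>, 198.51.100.20, PLAIN, TLS
Sep  2 10:11:30 mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=bob@example.com rhost=203.0.113.7
""".splitlines()


def _when(ts, year):
    # Classic syslog timestamps carry no year, so the caller supplies one.
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def unmatched_pam_failures(lines, window_s=5, year=2013):
    """Return (timestamp, user, rhost) for PAM failures that are not followed
    by a successful Dovecot login for the same user within window_s seconds."""
    failures, logins = [], []
    for line in lines:
        if m := PAM_FAIL.match(line):
            failures.append((_when(m["ts"], year), m["user"], m["rhost"]))
        elif m := LOGIN_OK.match(line):
            logins.append((_when(m["ts"], year), m["user"]))
    window = timedelta(seconds=window_s)
    explained = set()
    for l_ts, l_user in logins:
        # One success explains one failure: the closest preceding one for that user.
        candidates = [i for i, (f_ts, f_user, _) in enumerate(failures)
                      if i not in explained and f_user == l_user
                      and timedelta(0) <= l_ts - f_ts <= window]
        if candidates:
            explained.add(max(candidates, key=lambda i: failures[i][0]))
    return [f for i, f in enumerate(failures) if i not in explained]


if __name__ == "__main__":
    for ts, user, rhost in unmatched_pam_failures(SAMPLE):
        print(f"{ts:%b %d %H:%M:%S} unexplained auth failure: {user} from {rhost}")
```

In the sample, the failure at 10:10:54 is explained by the login in the same second, while the earlier attempt for the same account and the one for bob@example.com remain as real failures worth looking at.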
participants (2): LuKreme, Per-Henrik Lundblom