Ahh Peter, good call on this one! <beating head into desk><pause><beating head into desk again><thumbs up>
So after playing around with the order of authentication in Dovecot, you are correct, the PAM timeout was causing the holdup. I guess since PAM has no way of looking up whether or not a user exists prior to authenticating, this is causing the hiccup, versus LDAP which can search for a user’s existence prior to the auth. Switching these around, I notice almost *no* degradation in performance for PAM authentications, and the LDAP authentications run smooth as I would hope them to. Awesome, so now we have our solution! (I think.) Gotta say, a lot of love goes out to the Dovecot community (especially Timo!) for all the inspiration and help that I’ve received. Dovecot is a great app and this community is the backbone of it all. Cheers to all! Thanks again. ~ Laz Peterson Paravis, LLC Ph: 951.319.3240 x201 > On Jul 2, 2015, at 6:25 AM, Laz C. Peterson <l...@paravis.net> wrote: > > Peter, > > Yes that is a possibility. I will try disabling PAM (or switching the auth > order) and see if that makes a difference. Thanks for the suggestion! > > ~ Laz Peterson > Paravis, LLC > Ph: 951.319.3240 x201 > >> On Jul 1, 2015, at 11:34 PM, Peter Chiochetti <p...@myzel.net> wrote: >> >> Am 2015-07-02 um 01:41 schrieb Laz C. Peterson: >>> >>> I did attempt to switch the PAM/Kerberos authentication to Dovecot >>> LDAP authentication, but now performance is unbelievably slow. >>> Any thoughts to this? >> >> In case you have multiple passdb backends, it could be, that LDAP only gets >> its chance, after PAM did time out. >> >> >> -- >> peter