Hi Matthias I'm pretty sure that this value (AUTH_FAILURE_DELAY_CHECK_MSECS) is the delay that Dovecot waits after the failure before reporting it, so not really relevant since the failure has already happened when that comes into play.
Out of curiosity, when you do the test that fails, how long did it take before it failed? Maybe there is a timeout configured in pam (e.g. LOGIN_TIMEOUT in login.defs) or elsewhere. John On 11/01/2026 10:11, Matthias Bodenbinder via dovecot wrote: Am Freitag, dem 09.01.2026 um 10:30 +0100 schrieb Matthias Bodenbinder via dovecot: Hi, dovecot does not work with ENCRYPT_METHOD YESCRYPT and YESCRYPT_COST_FACTOR=11. I have tested with 2.4.2-4 and 2.3.21.1-4 on endeavouros. When changing YESCRYPT_COST_FACTOR to 11 in /etc/login.defs and recreacting the user password for my user and restarting the dovecot service I get: # doveadm auth test matthias Password: passdb: matthias auth failed extra fields: user=matthias When reverting the change to YESCRYPT_COST_FACTOR=5 it works again: # doveadm auth test matthias Password: passdb: matthias auth succeeded extra fields: user=matthias I have tested this back and forth. The culprit is definitely a high value for YESCRYPT_COST_FACTOR. A value of 7 is still good but a value of 9 or 11 fails. Can it be that this problem has to do with #define AUTH_FAILURE_DELAY_CHECK_MSECS 500 in auth-request-handler.c ? Increasing the YESCRYPT_COST_FACTOR for the password hashing will certainly extend the time of the pam auth process. Matthias _______________________________________________ dovecot mailing list -- [1][email protected] To unsubscribe send an email to [2][email protected] References Visible links 1. mailto:[email protected] 2. mailto:[email protected]
_______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
