Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338

2018-11-05 Thread Aki Tuomi 
It will be fixed.

Aki

On 6.11.2018 8.57, Mart Pirita wrote:
> Hi,
>
>
> I'm not using rsyslog and instead of hiding, this event leak should be
> fixed.
>
>
>
> Michael Slusarz wrote:
>>> On November 3, 2018 at 9:41 AM Mart Pirita  wrote:
>>>
>>>
>>> Hi,
>>>
>>>
>>> But this harmless is spamming logs, so how to disable it:
>>>
>>> grep auth-client-connection.c:338 maillog | wc -l
>>>    1259
>> If using something like rsyslog, it is trivial to filter out unwanted 
>> entries.
>>
>> michael
>>
>>
>>> Aki Tuomi wrote:
> On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee 
> > wrote:
>
>
> Hi,
>
>
> Noticed with latest v2.3.3 some new warning in logs, for example:
>
> dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)):
> auth-client-connection.c:338: 1 Time(s)
> dovecot: auth: Warning: auth client 0 disconnected with 1 pending
> requests: EOF: 12 Time(s)
>
>
> What are they?
>
>
> -- 
> Mart
 Hi! It's harmless event leak. This is a known issue to us.
>

Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338

2018-11-05 Thread Mart Pirita 
Hi,


I'm not using rsyslog and instead of hiding, this event leak should be
fixed.



Michael Slusarz wrote:
>> On November 3, 2018 at 9:41 AM Mart Pirita  wrote:
>>
>>
>> Hi,
>>
>>
>> But this harmless is spamming logs, so how to disable it:
>>
>> grep auth-client-connection.c:338 maillog | wc -l
>>    1259
> If using something like rsyslog, it is trivial to filter out unwanted entries.
>
> michael
>
>
>> Aki Tuomi wrote:
 On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee 
 > wrote:


 Hi,


 Noticed with latest v2.3.3 some new warning in logs, for example:

 dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)):
 auth-client-connection.c:338: 1 Time(s)
 dovecot: auth: Warning: auth client 0 disconnected with 1 pending
 requests: EOF: 12 Time(s)


 What are they?


 -- 
 Mart
>>> Hi! It's harmless event leak. This is a known issue to us.


-- 
Mart

Re: dovecot: imap Error: read : Broken pipe

2018-11-05 Thread Aki Tuomi 


On 6.11.2018 2.28, Felipe Gasper wrote:
>> On Nov 5, 2018, at 6:19 PM, Carl St-Laurent  wrote:
>>
>> Hi everyone,
>>
>> I'm trying to find a solution for this bug who appears 2 months ago :
>>
>> dovecot: imap(%USER%): Error: read(> (%d)>) failed: Broken pipe (FETCH BINARY[2] for mailbox INBOX UID (%d)
> That looks a bit goofy … read() should never produce EPIPE, AFAIK?
>
> -F

It is bit strange that you are not experiencing this problem at the
office, but only from remote location(s). This does turn the pointing
finger towards firewall (despite what you said). Can you take pcaps from
this, since it seems to be reproducible and send them to me privately?

Aki

Re: dovecot: imap Error: read : Broken pipe

2018-11-05 Thread Felipe Gasper 


> On Nov 5, 2018, at 6:19 PM, Carl St-Laurent  wrote:
> 
> Hi everyone,
> 
> I'm trying to find a solution for this bug who appears 2 months ago :
> 
> dovecot: imap(%USER%): Error: read() 
> failed: Broken pipe (FETCH BINARY[2] for mailbox INBOX UID (%d)

That looks a bit goofy … read() should never produce EPIPE, AFAIK?

-F

dovecot: imap Error: read : Broken pipe

2018-11-05 Thread Carl St-Laurent 

Hi everyone,

I'm trying to find a solution for this bug who appears 2 months ago :

dovecot: imap(%USER%): Error: read((%d)>) failed: Broken pipe (FETCH BINARY[2] for mailbox INBOX UID (%d)


Where %USER% is the unix user and %d the UID of the mailbox.

This error appears each time a user tries to download an attachment from 
one of his emails. Whether with RoundCube or Thunderbird via VPN or not. 
I thought that it was related to my firewall but no. Furthermore the 
problem isn't present when users are at the office. Upload speed from 
our ADSL connection is pretty slow about 1mpbs, I thought maybe it was 
related but it was working fine since 2 years. So I'm really short of 
ideas.


Anyone could help me please ?

Best regards,
Carl


# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-7-amd64 x86_64 Debian 9.5
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
auto = subscribe
special_use = \Drafts
  }
  mailbox Junk {
auto = subscribe
special_use = \Junk
  }
  mailbox Sent {
auto = subscribe
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
auto = subscribe
special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_after = /etc/dovecot/sieve-after
}
protocols = imap imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
  }
}
service imap-login {
  inet_listener imap {
port = 0
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
ssl = required
ssl_ca =

Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338

2018-11-05 Thread Michael Slusarz 
> On November 3, 2018 at 9:41 AM Mart Pirita  wrote:
> 
> 
> Hi,
> 
> 
> But this harmless is spamming logs, so how to disable it:
> 
> grep auth-client-connection.c:338 maillog | wc -l
>    1259

If using something like rsyslog, it is trivial to filter out unwanted entries.

michael


> Aki Tuomi wrote:
> > > On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee 
> > > > wrote:
> > >
> > >
> > > Hi,
> > >
> > >
> > > Noticed with latest v2.3.3 some new warning in logs, for example:
> > >
> > > dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)):
> > > auth-client-connection.c:338: 1 Time(s)
> > > dovecot: auth: Warning: auth client 0 disconnected with 1 pending
> > > requests: EOF: 12 Time(s)
> > >
> > >
> > > What are they?
> > >
> > >
> > > -- 
> > > Mart
> >
> > Hi! It's harmless event leak. This is a known issue to us.

Re: imap authentication - shadow vs mysql

2018-11-05 Thread Ralph Seichter 
* Konra Wawryn:

> I`m searching for some solution which will help me to scale my system
> in the future.

You provided very little information about your requirements, and "to
scale" is just as vague a term. Hence, I recommend an LDAP server,
because it works in many scenarios, can accommodate thousands of users,
and is basically the default solution for this type of write-seldom-
read-often type of user data storage.

As for MySQL, I would personally not use it for authentication unless I
had no other option.

-Ralph

imap authentication - shadow vs mysql

2018-11-05 Thread Konra Wawryn 

Hi,

I`m looking for some opinions about authentication process for the 
systems with more than 1000 E-mail accounts.

Maybe some one could advise me what is the best authentication method.

At the moment I`m storing all passwords in my /etc/passwd. My IMAP 
server is growing and I`m planning to build new host, my question is: 
what is the best authentication model for IMAP server ? Do I need to 
store all user/passwords in mysql or maybe in LDAP ?


I`m searching for some solution which will help me to scale my system in 
the future.



Maybe some one could advice me ?


Greetings

Konrad

Re: errors in mail.err related with ssl

2018-11-05 Thread Poliman - Serwis 
Ok, I will. Thank you.

2018-11-05 9:13 GMT+01:00 Aki Tuomi :

> You could try ignoring it.
>
> Aki
> On 5.11.2018 10.13, Poliman - Serwis wrote:
>
> Thank you. Can I do something with this?
>
> 2018-11-05 9:11 GMT+01:00 Aki Tuomi :
>
>>
>> On 5.11.2018 10.05, Poliman - Serwis wrote:
>>
>> Hi. I have in mail.err file lines like below:
>>
>> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
>> error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
>>
>> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
>> error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number
>>
>> Nov  5 08:40:05 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
>>
>> Nov  5 08:43:07 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
>>
>> Nov  5 08:53:31 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:14094085:SSL routines:ssl3_read_bytes:ccs received early
>>
>> What do the above mean? I suppose that somebody tries connect but uses
>> too old/weak ssl version.
>>
>> --
>>
>> *Pozdrawiam / Best Regards *
>> *Piotr Bracha*
>>
>>
>> That's what it means, mostly. Could also be a probe of some sort.
>>
>> Aki
>>
>
>
>
> --
>
> *Pozdrawiam / Best Regards *
> *Piotr Bracha*
>
>


-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*

Re: errors in mail.err related with ssl

2018-11-05 Thread Aki Tuomi 
You could try ignoring it.

Aki

On 5.11.2018 10.13, Poliman - Serwis wrote:
> Thank you. Can I do something with this?
>
> 2018-11-05 9:11 GMT+01:00 Aki Tuomi  >:
>
>
> On 5.11.2018 10.05, Poliman - Serwis wrote:
>> Hi. I have in mail.err file lines like below:
>> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
>> error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
>> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
>> error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number
>> Nov  5 08:40:05 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
>> Nov  5 08:43:07 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
>> Nov  5 08:53:31 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
>> error:14094085:SSL routines:ssl3_read_bytes:ccs received early
>> What do the above mean? I suppose that somebody tries connect but
>> uses too old/weak ssl version.
>>
>> -- 
>> /Pozdrawiam / Best Regards
>> /
>> /Piotr Bracha/
>
>
> That's what it means, mostly. Could also be a probe of some sort.
>
> Aki
>
>
>
>
> -- 
> /Pozdrawiam / Best Regards
> /
> /Piotr Bracha/

Re: errors in mail.err related with ssl

2018-11-05 Thread Poliman - Serwis 
Thank you. Can I do something with this?

2018-11-05 9:11 GMT+01:00 Aki Tuomi :

>
> On 5.11.2018 10.05, Poliman - Serwis wrote:
>
> Hi. I have in mail.err file lines like below:
>
> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
> error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
>
> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
> error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number
>
> Nov  5 08:40:05 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
>
> Nov  5 08:43:07 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
>
> Nov  5 08:53:31 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:14094085:SSL routines:ssl3_read_bytes:ccs received early
>
> What do the above mean? I suppose that somebody tries connect but uses too
> old/weak ssl version.
>
> --
>
> *Pozdrawiam / Best Regards *
> *Piotr Bracha*
>
>
> That's what it means, mostly. Could also be a probe of some sort.
>
> Aki
>



-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*

Re: errors in mail.err related with ssl

2018-11-05 Thread Aki Tuomi 

On 5.11.2018 10.05, Poliman - Serwis wrote:
> Hi. I have in mail.err file lines like below:
> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
> error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
> Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: 
> error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number
> Nov  5 08:40:05 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
> Nov  5 08:43:07 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
> Nov  5 08:53:31 s1 dovecot: pop3-login: Error: SSL: Stacked error: 
> error:14094085:SSL routines:ssl3_read_bytes:ccs received early
> What do the above mean? I suppose that somebody tries connect but uses
> too old/weak ssl version.
>
> -- 
> /Pozdrawiam / Best Regards
> /
> /Piotr Bracha/


That's what it means, mostly. Could also be a probe of some sort.

Aki

errors in mail.err related with ssl

2018-11-05 Thread Poliman - Serwis 
Hi. I have in mail.err file lines like below:

Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error:
error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

Nov  5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error:
error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number

Nov  5 08:40:05 s1 dovecot: pop3-login: Error: SSL: Stacked error:
error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

Nov  5 08:43:07 s1 dovecot: pop3-login: Error: SSL: Stacked error:
error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher

Nov  5 08:53:31 s1 dovecot: pop3-login: Error: SSL: Stacked error:
error:14094085:SSL routines:ssl3_read_bytes:ccs received early

What do the above mean? I suppose that somebody tries connect but uses too
old/weak ssl version.

-- 

*Pozdrawiam / Best Regards*
*Piotr Bracha*