Назад | Перейти на главную страницу

Dovecot: попытки авторизации отсутствуют

В настоящее время я настраиваю postfix вместе с dovecot. В настоящее время я борюсь с логином SSL + IMAP. Я включил ведение журнала отладки, но не могу понять, в чем дело. Вот журнал:

Oct  8 19:16:08 dirty-harry dovecot: auth: Debug: auth client connected (pid=1776)
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [217.240.25.1]
Oct  8 19:16:08 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [217.240.25.1]
Oct  8 19:16:13 dirty-harry dovecot: imap-login: Debug: SSL alert: close notify [217.240.25.1]
Oct  8 19:16:13 dirty-harry dovecot: imap-login: Disconnected (no auth attempts in 5 secs): user=<>, rip=217.240.25.1, lip=xxx, TLS: Disconnected, session=<bUkMr10+aADZ8BkB>

Кажется, что SSL как-то работает, когда я вызываю команду:

openssl  s_client -connect <mydomain>.net:993

Я понимаю, что согласование SSL прошло успешно.

Вот моя конфигурация голубятни из dovecot -n

auth_debug_passwords = yes
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocols = imap lmtp
service auth-worker {
  user = vmail
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}
service imap-login {
  inet_listener imap {
    port = 0
  }
}
service lmtp {
  unix_listener lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
ssl = required
ssl_cert = </<cert>.crt
ssl_key = </<cert>.key
userdb {
  args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
  driver = static
}
verbose_ssl = yes

Материал SQL работает и возвращает правильные данные.

РЕДАКТИРОВАТЬ: согласно запросу в добавленном мной комментарии auth_debug = yes и попробовал логин:

user@databueck01:/$ telnet domain.net 993
Trying <ip>...
Connected to domain.net.
Escape character is '^]'.
a10 login user@domain.net password
Connection closed by foreign host.

Журнал выглядит так:

Oct  8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Oct  8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Oct  8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [217.240.25.1]
Oct  8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [217.240.25.1]
Oct  8 19:42:34 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A [217.240.25.1]
Oct  8 19:42:34 dirty-harry dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
Oct  8 19:42:34 dirty-harry dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so
Oct  8 19:42:34 dirty-harry dovecot: auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat
Oct  8 19:42:34 dirty-harry dovecot: auth: Debug: auth client connected (pid=1941)
Oct  8 19:42:46 dirty-harry dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A [217.240.25.1]
Oct  8 19:42:46 dirty-harry dovecot: imap-login: Disconnected (no auth attempts in 12 secs): user=<>, rip=217.240.25.1, lip=<ip>, TLS handshaking: SSL_accept() failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol, session=<y7v+DV4+cADZ8BkB>