Mail filters, IMPAS LMTP LDA not running

Maraca · January 6, 2021, 8:08pm

Hello i cannot access roundcube and my system status checks says the following errors.

Dovecot LMTP LDA is not running (port 10026).

IMAPS (dovecot) is not running (port 993).

Mail Filters (Sieve/dovecot) is not running (port 4190).

The SSH server on this machine permits password-based login. A more secure way to log in is using a public key. Add your SSH public key to $HOME/.ssh/authorized_keys, check that you can log in without a password, set the option ‘PasswordAuthentication no’ in /etc/ssh/sshd_config, and then restart the openssh via ‘sudo service ssh restart’.

✓
System software is up to date.

✓
Mail-in-a-Box is up to date. You are running version v0.51.

✓
System administrator address exists as a mail alias. [administrator@box.example.com ↦ me@box.example.com]

?
The disk has 19.19 GB space remaining.

✓
System memory is 78% free.

Any idea what it could be and how to proceed.

Thanks

hija · January 6, 2021, 10:11pm

Try running:

sudo service dovecot start

Or (as root/admin)

service dovecot start

And check if that fixes your error.

Maraca · January 6, 2021, 11:25pm

Hi Hija, just tried and nothing happened

hija · January 7, 2021, 11:07am

What‘s the output of

service dovecot status

?

Maraca · January 7, 2021, 4:09pm

sustituted box.digitalshopmail.com with miboxmail-goes-here cause the system said i was using to many links on my reply

Maraca · January 7, 2021, 4:11pm

● dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2021-01-07 00:19:36 UTC; 15h ago
Docs: man:dovecot(1)
http://wiki2.dovecot.org/
Main PID: 3439 (code=exited, status=89)

Jan 07 00:19:36 mi-box-mail-goes-here systemd[1]: Started Dovecot IMAP/POP3 email server.
Jan 07 00:19:36 mi-box-mail-goes-here dovecot[3439]: doveconf: Warning: service auth { client_limit=1000 } is lower than required under max. load (1500)
Jan 07 00:19:36 mi-box-mail-goes-here dovecot[3439]: doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (1003)
Jan 07 00:19:36 mi-box-mail-goes-here dovecot[3439]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: duplicate listener: 995:
Jan 07 00:19:36 mi-box-mail-goes-here systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a
Jan 07 00:19:36 mi-box-mail-goes-here systemd[1]: dovecot.service: Failed with result ‘exit-code’.

hija · January 7, 2021, 4:31pm

Alright, I see. Did you upgrade an already existing miab installation or did you try a completely new installation?

Maraca · January 7, 2021, 5:04pm

i upgraded an existing install

hija · January 7, 2021, 5:06pm

Hm… Were there any errors while doing the upgrade?

Maraca · January 7, 2021, 5:11pm

No, everything was working fine. Did the upgrade about 2 or 3 weeks ago and suddenly i began getting this problem

hija · January 7, 2021, 5:14pm

Did you ever try to change something in the source files or configuration files? The reason this came up a few weeks ago could be because of a reboot of a machine. If you change config files, e.g. of dovecot, and don’t restart the service, then you would not notice any change. If you changed something which breaks dovecot and you did not reload the dovecot service, this would be unnoticed until the service gets restarted, e.g. after a reboot.

Maraca · January 7, 2021, 6:03pm

yes, i did maybe that is it. I enabled as well pop3 protocol to be able to work through gmail doing the following:

sudo apt-get install dovecot-pop3d
sudo ufw allow 995 && sudo ufw reload
sudo vi /etc/dovecot/conf.d/10-master.conf

Uncomment the following:

service pop3-login {
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}

Maraca · January 7, 2021, 7:00pm

System information as of Thu Jan 7 18:51:20 UTC 2021

System load: 0.26 Processes: 127
Usage of /: 12.0% of 57.98GB Users logged in: 0
Memory usage: 14% IP address for eth0: 139.59.146.75
Swap usage: 0%

20 packages can be updated.
0 updates are security updates.

Last login: Fri Dec 4 00:27:07 2020 from 177.225.151.232
root@box:~# sudo vi /etc/dovecot/conf.d/10-master.conf

service pop3 {

Max. number of POP3 processes (connections)

#process_limit = 1024
}

service auth {

auth_socket_path points to this userdb socket by default. It’s typically

used by dovecot-lda, doveadm, possibly imap process, etc. Users that have

full permissions to this socket are able to get a list of all usernames and

get the results of everyone’s userdb lookups.

The default 0666 mode allows anyone to connect to the socket, but the

userdb lookups will succeed only if the userdb returns an “uid” field that

matches the caller process’s UID. Also if caller’s uid or gid matches the

socket’s uid or gid the lookup succeeds. Anything else causes a failure.

To give the caller full permissions to lookup all users, set the mode to

something else than 0666 and Dovecot lets the kernel enforce the

permissions (e.g. 0777 allows everyone full permissions).

unix_listener auth-userdb {
#mode = 0666
#user =
#group =
}

Postfix smtp-auth

#unix_listener /var/spool/postfix/private/auth {

mode = 0666

#}

Auth process is run as this user.

#user = $default_internal_user
}

service auth-worker {

Auth worker process is run as root by default, so that it can access

/etc/shadow. If this isn’t necessary, the user should be changed to

$default_internal_user.

#user = root
}

service dict {

If dict proxy is used, mail processes should have access to its socket.

For example: mode=0660, group=vmail and global mail_access_groups=vmail

unix_listener dict {
#mode = 0600
#user =
#group =
}
}
log_path=/var/log/mail.log
122,1 Bot

hija · January 7, 2021, 8:31pm

This is mine. Try it out (save it), run sudo service dovecot start and look if it fixes your problem. Then you can try to reanable your modification:

#default_process_limit = 100
default_process_limit=250
#default_client_limit = 1000

# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M
default_vsz_limit=664M

# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
#default_login_user = dovenull

# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = $default_vsz_limit
}

service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port =
  #}
}

service imap {
  # Most of the memory goes to mmap()ing files. You may need to increase this
  # limit if you have huge mailboxes.
  #vsz_limit = $default_vsz_limit

  # Max. number of IMAP processes (connections)
  #process_limit = 1024
}

service pop3 {
  # Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    #mode = 0666
    #user =
    #group =
  }

  # Postfix smtp-auth
  #unix_listener /var/spool/postfix/private/auth {
  #  mode = 0666
  #}

  # Auth process is run as this user.
  #user = $default_internal_user
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

service dict {
  # If dict proxy is used, mail processes should have access to its socket.
  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  unix_listener dict {
    #mode = 0600
    #user =
    #group =
  }
}
log_path=/var/log/mail.log

Maraca · January 7, 2021, 10:20pm

yess it worked thanks Hija!

hija · January 7, 2021, 10:51pm

You are welcome