Dovecot + Postifx problems.

Over the weekend I updated my mail server. Turns out if you have Dovecot installed and configured with Postfix, and Dovecot fails, Postfix stops working too. When I was trying to fix Dovecot I had mail in my mailbox, I could see it if I ran the mail command on the server. But I couldn’t see the email in my desktop client. After fixing Dovecot, I couldn’t see any new email in either place.

So what happened was when I tried to connect from my computer to the mail server it would crash Dovecot:

The error was due to the updates. The version of Dovecot now being used needs a DH key longer than 1024 and looks for dh.pem instead of ssl-parameters.dat. I did find a dh.pem of 4096 under /usr/share/dovecot, but I messed up putting the command in the config file. ssh_dh is not the same as ssl_dh. Which brings up another point, I would expect service dovecot restart to share errors with me, not hide them.

I had to do a few things to fix the problem.

  1. Since this is a VPS, I needed to fix the lack of randomness for entropy. I found that via the NixCraft blog, and probably overdid it installing both rng-tool and haveged.
  2. After those were started I used the command from the Dovecot wiki to set up the new dh.pem file.

When they say it takes a while it does. Running that command took two 2 hours to complete, with the improved randomness from haveged and rng-tool.

I fixed the command in dovecot after a doveadm reload showed the error that ssh_dh was not known.

I could connect from my everyday driver system to the mail server. That is when I noticed no new email. Well, only 1 new mail.

Looking at the error logs found the following Postfix error, which I didn’t notice until after I got Dovecot fixed.

Which was caused by this one line in the Postfix configuration.

However, the postfix error cleared itself after dovecot started working properly. Mail has slowly been trickling in.

5 thoughts on “Dovecot + Postifx problems.

  1. Marco Belmonte

    Thanks – followed your lead and solved the same problem on my Dovecot server.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *