[SMS]

baboo · Senior Member Joined: 04 Sep 2007 Posts: 676

My system time is drifting by up to 10 minutes. Dovecot kills itself when the time drifts more than a couple of minutes.

any suggestions?

thanks

gerasimos_h · Posted: Fri Feb 25, 2011 6:53 am Post subject:

Are you using ntpd?
What you drift file says? /etc/ntp/drift

gerasimos_h

baboo · Senior Member Joined: 04 Sep 2007 Posts: 676

no such file 'drift'. The time is off by about 8-10 minutes. Logs don't show anything.

gerasimos_h · Posted: Fri Feb 25, 2011 8:11 am Post subject:

If you are not using ntpd make /etc/rc.d/rc.ntpd executable
and add /etc/ntp directory if it's not exist and uncomment drift option at
/etc/ntpd.conf and add a server.
Start /etc/rc.d/rc./ntpd.

gerasimos_h

baboo · Senior Member Joined: 04 Sep 2007 Posts: 676

thanks. The drift file did not exist. Have corrected.

thanks again

internetonly · Junior Member Joined: 25 Jul 2010 Posts: 4

- My personal experience :

- In /var/spool/cron/crontabs/root I have :
55 4 * * * /usr/sbin/ntpdate -u -s pool.ntp.org pool.ntp.org
29,59 * * * * /etc/./dovecot_dead_or_alive_110.txt

- In /etc/./dovecot_dead_or_alive_110.txt I have :
###
#!/bin/sh
chk=`netstat -an | grep -c :110`
if [ "$chk" = "0" ]
then
echo "...SHIT !!!... DOVECOT ON PORT 110 is down, Restarting, NOW !!!...";
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot start

fi
###

- Inspired from here : http://wiki.dovecot.org/TimeMovedBackwards

internetonly · Junior Member Joined: 25 Jul 2010 Posts: 4

- Please observe the difference here (taken from /var/log/dovecot.log) :
...
Feb 15 04:54:56 dovecot: Fatal: Time just moved backwards by 6 seconds. This might cause a lot of problems, so I'll just kill myself now.
...
Feb 16 04:55:02 dovecot: Error: Time just moved backwards by 4 seconds. I'll sleep now until we're back in present.
...

gerasimos_h · Posted: Wed Mar 02, 2011 7:11 am Post subject:

As dovecot's wiki says, try not to use ntpdate but ntpd instead.
Dovecot 2.0 handle this better and it is available in testing,
sooner or later we will switch to version 2.0, as version 1.x.x has some I/O leaks that might not get fixed at all.

I could add a cron script to check if dovecot is running, although those errors are very specific.

Why you stop dovecot 3 times before start it again?

gerasimos_h

keopp · Posted: Wed Mar 02, 2011 8:56 am Post subject:

Hello all,

I use ntpd to maintain system time accuracy. However, ocazionally, happens unexpected time changes(maybe BIOS battery) causing dovecot to kill himself. I solved this using a fail2ban jail/filter/action in a similar way I did in this post.

gerasimos_h · Posted: Wed Mar 02, 2011 2:16 pm Post subject:

One way is by using a cron job like

keopp · Posted: Wed Mar 02, 2011 3:40 pm Post subject:

I sugest bantime = 1

here:

gerasimos_h · Posted: Wed Mar 02, 2011 3:58 pm Post subject:

I found "bantime =1" excessive, but it's an option, maybe 30 or 60 too.
I may add a few dovecot rules for authentication failures in fail2ban too.
Do you use dovecot rules?

gerasimos_h

keopp · Posted: Wed Mar 02, 2011 4:13 pm Post subject:

Yes I made some dovecot rules because I recently found several attacks. I have the impression the attack's rate is increasing since middle of feb.

This are the rules in my dovecot-attacks.conf filter:

baboo · Senior Member Joined: 04 Sep 2007 Posts: 676

thanks everyone for your replies. I have learned alot from this dialog. Time is working well now and I am testing each of your suggestions.

thanks

keopp · Posted: Wed Mar 02, 2011 7:14 pm Post subject:

Good luck then.
We're waiting for your comments.