system time and imap
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

Posted: Fri Feb 25, 2011 6:22 am

My system time is drifting by up to 10 minutes. Dovecot kills itself when the time drifts more than a couple of minutes.

Any suggestions?

Thanks
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Fri Feb 25, 2011 6:53 am

Are you using ntpd?
What does your drift file say? /etc/ntp/drift

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

Posted: Fri Feb 25, 2011 7:29 am

No such file 'drift'. The time is off by about 8-10 minutes. Logs don't show anything.
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Fri Feb 25, 2011 8:11 am

If you are not using ntpd, make /etc/rc.d/rc.ntpd executable,
add the /etc/ntp directory if it does not exist, uncomment the drift option in
/etc/ntpd.conf and add a server.
Start /etc/rc.d/rc.ntpd.

gerasimos_h

baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

Posted: Fri Feb 25, 2011 5:06 pm

Thanks. The drift file did not exist. Have corrected.

Thanks again
internetonly
Junior Member


Joined: 25 Jul 2010
Posts: 4

Posted: Wed Mar 02, 2011 1:04 am

- My personal experience :

- In /var/spool/cron/crontabs/root I have :
55 4 * * * /usr/sbin/ntpdate -u -s pool.ntp.org pool.ntp.org
29,59 * * * * /etc/./dovecot_dead_or_alive_110.txt

- In /etc/./dovecot_dead_or_alive_110.txt I have :
###
#!/bin/sh
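# Count only sockets in LISTEN state on port 110; a bare ":110" would also
# match established connections and ports such as :1100.
chk=`netstat -an | grep -c ':110 .*LISTEN'`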
if [ "$chk" = "0" ]
then
echo "...SHIT !!!... DOVECOT ON PORT 110 is down, Restarting, NOW !!!...";
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot stop
/etc/rc.d/./rc.dovecot start

fi
###

- Inspired from here : http://wiki.dovecot.org/TimeMovedBackwards
internetonly
Junior Member


Joined: 25 Jul 2010
Posts: 4

Posted: Wed Mar 02, 2011 1:14 am

- Please observe the difference here (taken from /var/log/dovecot.log) :
...
Feb 15 04:54:56 dovecot: Fatal: Time just moved backwards by 6 seconds. This might cause a lot of problems, so I'll just kill myself now.
...
Feb 16 04:55:02 dovecot: Error: Time just moved backwards by 4 seconds. I'll sleep now until we're back in present.
...
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Wed Mar 02, 2011 7:11 am

As dovecot's wiki says, try not to use ntpdate but ntpd instead.
Dovecot 2.0 handles this better and it is available in testing,
sooner or later we will switch to version 2.0, as version 1.x.x has some I/O leaks that might not get fixed at all.

I could add a cron script to check if dovecot is running, although those errors are very specific.

Why do you stop dovecot 3 times before starting it again?

gerasimos_h

keopp
Senior Member


Joined: 08 Nov 2008
Posts: 166
Location: Romania

Posted: Wed Mar 02, 2011 8:56 am

Hello all,

I use ntpd to maintain system time accuracy. However, occasionally, unexpected time changes happen (maybe BIOS battery), causing dovecot to kill itself. I solved this using a fail2ban jail/filter/action in a similar way to what I did in this post.
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Wed Mar 02, 2011 2:16 pm

One way is by using a cron job like
Code:
#!/bin/sh
# Cron check: start Dovecot if nothing is listening on the POP3 port.

HOST='localhost'
PORT=110
#PORT=143
#HP=@$HOST:$PORT
HP=:$PORT
echo 'Checking to see if Dovecot is up...'
# grep -q only sets the exit status; lsof error output is discarded.
if /usr/bin/lsof -Pni "$HP" 2>/dev/null | grep -q "$PORT (LISTEN)"; then
  echo 'Dovecot is up'
else
  echo 'Dovecot is down, restarting...'
  /etc/rc.d/rc.dovecot start
fi

or
Code:
#!/bin/sh
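# Count only sockets in LISTEN state on port 110; a bare ":110" would also
# match established connections and ports such as :1100.
chk=`netstat -an | grep -c ':110 .*LISTEN'`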
if [ "$chk" = "0" ]
then
        echo "Dovecot is down, Restarting...";
        /etc/rc.d/rc.dovecot start
fi


As for fail2ban you can try by creating the files
Code:
root@sms:~# cat /etc/fail2ban/action.d/dovecot.conf
[Definition]
actionstart =
actionstop =
actioncheck =
actionban = /etc/rc.d/rc.dovecot start
actionunban =

Code:
root@sms:~# cat /etc/fail2ban/filter.d/dovecot.conf
[Definition]
# to test set up use this
# /usr/bin/fail2ban-regex /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot.conf

failregex = dovecot: Fatal: Time just moved backwards by .* <HOST>

ignoreregex =

and add in /etc/fail2ban/jail.conf

Code:
[dovecot-restart]

enabled = true
filter = dovecot
action = dovecot
         sendmail-whois[name=dovecot, dest=root@localhost]
logpath  = /var/log/dovecot.log
maxretry = 1
ignoreip =
bantime = 600


gerasimos_h

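The port check and the Fatal/Error log distinction from the posts above, combined into one state check, as an added example that is not part of the original thread. The function names and the netstat rows are constructed for illustration; the two log lines are the ones quoted earlier, shortened after "seconds."

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# Inputs are passed as text so the logic runs offline; from cron they would
# come from `netstat -ant` and /var/log/dovecot.log.

# is_listening PORT: reads netstat output on stdin; succeeds only if a socket
# in LISTEN state is bound to exactly PORT (":1100" or TIME_WAIT rows do not count).
is_listening() {
    awk -v port="$1" '
        $NF == "LISTEN" { n = split($4, a, ":"); if (a[n] == port) found = 1 }
        END { exit !found }'
}

# count_fatal_jumps: reads log lines on stdin, prints how many are the Fatal
# time-jump message. The "Error:" variant (Dovecot sleeps instead) is ignored.
count_fatal_jumps() {
    grep -c 'dovecot: Fatal: Time just moved backwards by [0-9]* seconds' || true
}

# dovecot_state NETSTAT_TEXT LOG_TEXT PORT
# prints one of: up | down:time-jump | down:other
dovecot_state() {
    if printf '%s\n' "$1" | is_listening "$3"; then
        echo up
    elif [ "$(printf '%s\n' "$2" | count_fatal_jumps)" -gt 0 ]; then
        echo down:time-jump
    else
        echo down:other
    fi
}

# Constructed netstat rows: nothing listens on 110, yet ":110" appears twice.
NETSTAT_DOWN='tcp        0      0 0.0.0.0:1100            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:110          198.51.100.7:51234      TIME_WAIT'
NETSTAT_UP='tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN'
# Log lines from the thread, shortened after "seconds."
LOG_FATAL='Feb 15 04:54:56 dovecot: Fatal: Time just moved backwards by 6 seconds.'
LOG_ERROR='Feb 16 04:55:02 dovecot: Error: Time just moved backwards by 4 seconds.'

dovecot_state "$NETSTAT_DOWN" "$LOG_FATAL" 110
```

On the constructed "down" sample, `grep -c :110` counts 2, so a check built on it would report Dovecot as running.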
keopp
Senior Member


Joined: 08 Nov 2008
Posts: 166
Location: Romania

Posted: Wed Mar 02, 2011 3:40 pm

I suggest bantime = 1

here:
Code:

[dovecot-restart]

enabled = true
filter = dovecot
action = dovecot
         sendmail-whois[name=dovecot, dest=root@localhost]
logpath  = /var/log/dovecot.log
maxretry = 1
ignoreip =
#bantime = 600
bantime = 1
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

Posted: Wed Mar 02, 2011 3:58 pm

I found "bantime =1" excessive, but it's an option, maybe 30 or 60 too.
I may add a few dovecot rules for authentication failures in fail2ban too.
Do you use dovecot rules?

gerasimos_h

keopp
Senior Member


Joined: 08 Nov 2008
Posts: 166
Location: Romania

Posted: Wed Mar 02, 2011 4:13 pm

Yes, I made some dovecot rules because I recently found several attacks. I have the impression the attack rate has been increasing since the middle of Feb.

These are the rules in my dovecot-attacks.conf filter:
Code:

failregex = \(auth failed.*rip=<HOST>
            \[<HOST>\].*authentication failed
            warning: <HOST>.*verification failed
            lost connection after.*\[<HOST>\]
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

Posted: Wed Mar 02, 2011 7:03 pm

Thanks everyone for your replies. I have learned a lot from this dialog. Time is working well now and I am testing each of your suggestions.

Thanks
keopp
Senior Member


Joined: 08 Nov 2008
Posts: 166
Location: Romania

Posted: Wed Mar 02, 2011 7:14 pm

Good luck then.
We're waiting for your comments.
All times are GMT + 2 Hours
Page 1 of 2
