I'm attempting to secure Dovecot by adding the 'allow_nets' option in the MySQL password query. When I do so, I can check mail just fine.

However, any mail that is sent to the mailbox fails with:

Apr  1 09:38:59 localhost dovecot: deliver(brian@*****.com): userdb lookup(brian@*****.com) failed: Internal failure

dovecot-mysql.conf contains:

connect = host=localhost dbname=*** user=*** password=***
default_pass_scheme = CRYPT
password_query = SELECT password, allow_nets FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 5003 AS uid, 5003 AS gid FROM mailbox WHERE username = '%u'

If I remove the 'allow_nets' from the password_query, everything works fine again. In the MySQL DB, the 'allow_nets' field contains: 127.0.0.1,Postfix IP,My IPaddress.

Any ideas what I'm missing?

Edit: I upgraded to Dovecot 2.2.16 and now receive this error message when adding "allow_nets" to the password_query.

dovecot: lda(brian@*****.com): Error: user brian@*****.com: Auth USER lookup failed

Dovecot Config:

auth_mechanisms = plain digest-md5 login
first_valid_gid = 5000
first_valid_uid = 5000
info_log_path = /dev/null
listen = 127.0.0.1
mail_location = maildir:/opt/virtual/%d/%n
mmap_disable = yes
passdb {
  args = /dovecot/dovecot-mysql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
  }
  unix_listener auth-master {
    group = virtual
    mode = 0600
    user = virtual
  }
}
service imap-login {
  chroot = login
  inet_listener imaps {
    address = 12.34.56.78
  }
  process_min_avail = 1
  service_count = 0
  user = dovecot
  vsz_limit = 64 M
}
service imap {
  drop_priv_before_exec = yes
  vsz_limit = 768 M
}
service pop3-login {
  chroot = login
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    address = 12.34.56.78
  }
  process_min_avail = 1
  service_count = 0
  user = dovecot
  vsz_limit = 64 M
}
service pop3 {
  drop_priv_before_exec = yes
  vsz_limit = 768 M
}
ssl_cert = </etc/ssl/cert.crt
ssl_key = </etc/ssl/key.key
userdb {
  args = uid=5003 gid=5003 home=/var/virtual/%d/%n
  driver = static
}
verbose_proctitle = yes
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  hostname = example.com
  postmaster_address = postmaster@example.com
  sendmail_path = /usr/sbin/sendmail
}
Brian Smith

0 Answers