Default Ports time out IMAP / Dovecot

chris · February 9, 2022, 12:18pm

Hello, I have an issue where the default ports of IMAP time out in Mail (on macOS 10.15.7) and also I experience this issue adding a mail-account in Microsoft Outlook (and keeping it connected). Connections just randomly drop. I set up my IMAP with ports 993 and 587.

Mail on macOS gives me this response:
Connections to the server “mail.mydomain.com” on the default ports timed out.
Microsoft Outlook this:
Unable to sign in. Check your credentials and try again.
I checked my credentials multiple times and I’m very sure they are correct.

This is my dovecot.log output:

Feb 09 12:56:40 imap([email protected])<5466><bsfUhpTXprB/AAAB>: Info: Logged out in=284 out=957 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Feb 09 12:56:59 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<czXth5TXs8ZWVuIG>
Feb 09 12:56:59 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<zs75h5TXtMZWVuIG>
Feb 09 12:57:00 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<hRv9h5TXtcZWVuIG>
Feb 09 12:57:00 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<cdz/h5TXtsZWVuIG>
Feb 09 12:57:00 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<e78CiJTXt8ZWVuIG>
Feb 09 12:57:00 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=MY-HOME-IP, lip=MY-VPS-IP, session=<RJ0FiJTXuMZWVuIG>
Feb 09 12:57:30 imap-login: Info: Login: user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=5532, TLS, session=<nRDQiZTXrLB/AAAB>

Felix · February 9, 2022, 1:09pm

Just an idea… Maybe you failed a lot of times to authenticate and your IP is banned. Check in Hestia UI > Server (cog icon) > Firewall > Manage Banned IPs.

Maybe another device in your network is wrongly configured and is causing the ban.

chris · February 9, 2022, 2:14pm

Whoops! Very strange because I thought I’d whitelisted my ip but you are correct. Thanks a lot!

jlguerrero · February 9, 2022, 3:52pm

The classic misconfigured device that bans the whole office

chris · February 9, 2022, 4:07pm

Haha, well I’m sure I set the configuration fine but now I know that my Firewall is working too!

chris · February 10, 2022, 11:31am

Weird, my home IP keeps getting blocked by the Firewall – Service: Mail.
I startup my Mac, open Mail and those inboxes can’t connect…
No clue how I would have ‘misconfigured’ my mailboxes. (I have now whitelisted my home IP in the firewall as well.)

Incoming and Outgoing Mailserver: mail.mydomain.com
SSL: On
Ports: 993 / 587 (Use TLS/SSL)
Authentication: Password

Any ideas?

Felix · February 10, 2022, 11:58am

Try connecting via webmail first by opening in your browser the URL webmail.mydomain.com (provided of course that you have set the relevant DNS records for web mail in your Authoritative NS - Hestia automatically creates these records, so if you have Hestia as the Authoritative NS you don’t need to to anything special).

chris · February 10, 2022, 12:16pm

Thanks @Felix, I have no issues with webmail. I (think i) did set the relevant DNS records at Namecheap DNS, being:

A Record	| mail | XX.XX.XXX.XX | Automatic
A Record	| smtp | XX.XX.XXX.XX | Automatic
A Record	| webmail | XX.XX.XXX.XX | Automatic
TXT Record | @ | v=spf1 a mx ip4:XX.XX.XXX.XX -all | Automatic
TXT Record | _dmarc | v=DMARC1; p=quarantine; pct=100 | Automatic
TXT Record | mail._domainkey | v=DKIM1; k=rsa; p=MI etc.
MX Record | @ | mail.MYDOMAIN.com. 10 | Automatic
MX Record | host | mail.host.MYDOMAIN.com. 5 | Automatic (being my HestiaCP install.)

I believe this might be the most relevant line from my dovecot.log:

Feb 10 12:56:38 imap-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=XX.XX.XXX.X, lip=3>

Felix · February 10, 2022, 12:32pm

I guess you mean you have no issues both visiting webmail AND logging in with the user/pass. In that case I don’t know what else to suggest

chris · February 10, 2022, 12:39pm

True, thanks a lot for your help. Could it be that in /etc/dovecot/conf.d/10-auth.conf these values are preset by the system and mismatching with the encryption?

disable_plaintext_auth = no
auth_username_format = %u
auth_verbose = yes
auth_mechanisms = plain login
!include auth-passwdfile.conf.ext

Felix · February 10, 2022, 1:46pm

I have no idea. I’m certain though that mail works perfectly fine with the defaults installed/set by Hestia. So if you haven’t messed with what Hestia installed/configured, it’d be better not to touch the configs.

chris · February 10, 2022, 2:41pm

Yea, that’s also not what i’m planning to do because in general it works great. Just trying to understand this issue.

system · March 12, 2022, 2:41pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.