This documentation is for Dovecot v1.x, see wiki2 for v2.x documentation.
Differences between revisions 3 and 28 (spanning 25 versions)
Revision 3 as of 2007-01-27 01:24:07
Size: 1864
Editor: TimoSirainen
Comment:
Revision 28 as of 2009-10-28 03:05:44
Size: 4662
Editor: TimoSirainen
Comment: I don't understand the note. IMAP process logs via master process. Removed, since it's just confusing.
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
<<TableOfContents>>
Line 2: Line 4:
'''Dovecot always logs a detailed error message''' if something goes wrong. If it doesn't, it's considered a bug and will be fixed. However almost always the problem is that you're looking at the wrong log file; error messages may be logged to a different file than informational messages. By default Dovecot logs to syslog using '''mail''' facility. You can change the facility from {{{syslog_facility}}} setting. You can also configure Dovecot to write to log files directly, see below.
Line 3: Line 6:
By default Dovecot starts logging to syslog using mail facility. In most operating systems this goes to `/var/log/mail.log`, `/var/log/maillog` or something similar. When using syslog, Dovecot uses 4 different logging levels:
Line 5: Line 8:
If there is anything wrong with your configuration or if something crashes, '''Dovecot will always log the error message'''. It's extremely rare that Dovecot dies without giving any sort of error message, so make sure you're looking at the correct log file.  * '''info''': Informational and debug messages.
 * '''warning''': Warnings that don't cause an actual error, but are useful to know about.
 * '''err''': Non-fatal errors.
 * '''crit''': Fatal errors that cause the process to die.
Where exactly these messages are logged depends entirely on your syslog configuration. Often everything is logged to {{{/var/log/mail.log}}} or {{{/var/log/maillog}}}, and '''err''' and '''crit''' are logged to {{{/var/log/mail.err}}}. This is not necessarily true for your configuration though.
Line 7: Line 14:
NOTE: Error messages may be logged into a different log file than the informational log lines! Some syslogs are by default configured to log mail error messages into a different log file. You can find the correct log files using these methods:
Line 9: Line 16:
After you start Dovecot, make sure that you can find a line similar to this:

{{{
dovecot: Jan 07 14:22:40 Info: Dovecot v1.0.alpha5 starting up
}}}

However, the above message is logged into informational log, which may or may not be where the error messages are logged.
 * Info log: After starting Dovecot, {{{grep "starting up" /var/log/*}}}. It should show a line such as: {{{Dovecot v1.0.0 starting up}}}
 * Error logs: Use {{{dovecot --log-error}}} command, which makes Dovecot log a few messages and exit. Then {{{grep "This is Dovecot's" /var/log/*}}} to find them. You should see:
  * With Dovecot v1.0.0 you'll find only the '''crit''' log: {{{This is Dovecot's error log}}}
  * With Dovecot v1.0.1+ you'll find all of them:
   * '''warning''': {{{This is Dovecot's warning log}}}
   * '''err''': {{{This is Dovecot's error log}}}
   * '''crit''': {{{This is Dovecot's fatal log}}}
 * You can also check your {{{/etc/syslog.conf}}} to see how it's configured.
Line 18: Line 26:
Line 24: Line 31:
The point is that whenever anything unexpected happens, Dovecot doesn't leak any extra information about it to clients. They don't need it and they might try to exploit it in some ways, so the less they know the better.
Line 25: Line 33:
The real error message is written to Dovecot's log file. The timestamp is meant to help you find it. The real error message is written to the error log file. The timestamp is meant for you to help you find it.
Line 28: Line 36:
Line 33: Line 40:
# If you want everything in one file, just don't specify log_info_path
log_info_path = /var/log/dovecot-info.log
# If you want everything in one file, just don't specify info_log_path
info_log_path = /var/log/dovecot-info.log
Line 36: Line 43:
The warning and error messages will go to file specified by {{{log_path}}}, while everything else goes to {{{info_log_path}}}. If you do this, make sure you're really looking at the {{{log_path}}} file for error messages, since the "Starting up" message is written to {{{info_log_path}}} file.
Line 37: Line 45:
The error messages will go to file specified by `log_path`, while everything else goes to `log_info_path`. If you do this, make sure you're really looking at the `log_path` file for error messages, since the "Starting up" message is written to `log_info_path` file. == Rotating Logs ==
If you change from syslog to an external log file, you can use logrotate (available on most recent linux distros) to maintain the Dovecot logfile so it doesn't grow beyond a manageable size. Save the below scriptlet as {{{/etc/logrotate.d/dovecot}}}:

{{{
# dovecot SIGUSR1: Re-opens the log files.
/var/log/dovecot*.log {
  missingok
  notifempty
  delaycompress
  sharedscripts
  postrotate
    /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
  endscript
}
}}}
'''NOTE''': change the path to the logfile(s) and the {{{master.pid}}} file as appropriate for your system configuration. The default location of {{{master.pid}}} is {{{/usr/local/var/run/dovecot/master.pid}}}.

== Logging verbosity ==
There are several settings that control logging verbosity. By default they're all disabled, but they may be useful for debugging.

 * {{{auth_verbose=yes}}} enables logging all failed authentication attempts.
 * {{{auth_debug=yes}}} enables all authentication debug logging (also enables {{{auth_verbose}}}). Passwords are logged as {{{<hidden>}}}.
 * {{{auth_debug_passwords=yes}}} does everything that {{{auth_debug=yes}}} does, but it also removes password hiding.
 * {{{mail_debug=yes}}} enables all kinds of mail related debug logging, such as showing where Dovecot is looking for mails.
 * {{{verbose_ssl=yes}}} enables logging SSL errors and warnings. Even without this setting if connection is closed because of an SSL error, the error is logged as the disconnection reason (v1.1+).

Dovecot Logging

Dovecot always logs a detailed error message if something goes wrong. If it doesn't, it's considered a bug and will be fixed. However almost always the problem is that you're looking at the wrong log file; error messages may be logged to a different file than informational messages. By default Dovecot logs to syslog using mail facility. You can change the facility from syslog_facility setting. You can also configure Dovecot to write to log files directly, see below.

When using syslog, Dovecot uses 4 different logging levels:

  • info: Informational and debug messages.

  • warning: Warnings that don't cause an actual error, but are useful to know about.

  • err: Non-fatal errors.

  • crit: Fatal errors that cause the process to die.

Where exactly these messages are logged depends entirely on your syslog configuration. Often everything is logged to /var/log/mail.log or /var/log/maillog, and err and crit are logged to /var/log/mail.err. This is not necessarily true for your configuration though.

You can find the correct log files using these methods:

  • Info log: After starting Dovecot, grep "starting up" /var/log/*. It should show a line such as: Dovecot v1.0.0 starting up

  • Error logs: Use dovecot --log-error command, which makes Dovecot log a few messages and exit. Then grep "This is Dovecot's" /var/log/* to find them. You should see:

    • With Dovecot v1.0.0 you'll find only the crit log: This is Dovecot's error log

    • With Dovecot v1.0.1+ you'll find all of them:
      • warning: This is Dovecot's warning log

      • err: This is Dovecot's error log

      • crit: This is Dovecot's fatal log

  • You can also check your /etc/syslog.conf to see how it's configured.

Internal Errors

If IMAP or POP3 processes encounter some error, they don't show the exact reason for clients. Instead they show:

Internal error occurred. Refer to server log for more information. [2006-01-07 22:35:11]

The point is that whenever anything unexpected happens, Dovecot doesn't leak any extra information about it to clients. They don't need it and they might try to exploit it in some ways, so the less they know the better.

The real error message is written to the error log file. The timestamp is meant for you to help you find it.

Changing Log File Paths

If you don't want to use syslog, or if you just can't find the Dovecot's error logs, you can make Dovecot log elsewhere as well:

log_path = /var/log/dovecot.log
# If you want everything in one file, just don't specify info_log_path
info_log_path = /var/log/dovecot-info.log

The warning and error messages will go to file specified by log_path, while everything else goes to info_log_path. If you do this, make sure you're really looking at the log_path file for error messages, since the "Starting up" message is written to info_log_path file.

Rotating Logs

If you change from syslog to an external log file, you can use logrotate (available on most recent linux distros) to maintain the Dovecot logfile so it doesn't grow beyond a manageable size. Save the below scriptlet as /etc/logrotate.d/dovecot:

# dovecot SIGUSR1: Re-opens the log files.
/var/log/dovecot*.log {
  missingok
  notifempty
  delaycompress
  sharedscripts
  postrotate
    /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
  endscript
}

NOTE: change the path to the logfile(s) and the master.pid file as appropriate for your system configuration. The default location of master.pid is /usr/local/var/run/dovecot/master.pid.

Logging verbosity

There are several settings that control logging verbosity. By default they're all disabled, but they may be useful for debugging.

  • auth_verbose=yes enables logging all failed authentication attempts.

  • auth_debug=yes enables all authentication debug logging (also enables auth_verbose). Passwords are logged as <hidden>.

  • auth_debug_passwords=yes does everything that auth_debug=yes does, but it also removes password hiding.

  • mail_debug=yes enables all kinds of mail related debug logging, such as showing where Dovecot is looking for mails.

  • verbose_ssl=yes enables logging SSL errors and warnings. Even without this setting if connection is closed because of an SSL error, the error is logged as the disconnection reason (v1.1+).

None: Logging (last edited 2009-10-28 03:05:44 by TimoSirainen)