Cannot login to Dovecot with PAM authentication anymore


I run a local Dovecot server to archive my e-mails. Since recently, PAM authentication does not work anymore.

Journalctl complains that /etc/pam.d/imap is missing:

dovecot[2032]: auth-worker(2042): Error: pam(rk,,<NJswDoCCrpp/AAAB>): pam_authenticate() failed: Authentication failure (/etc/pam.d/imap missing?)

So I created the file with a single line:

auth sufficient

This changes the complaint in journalctl to:

dovecot[2032]: auth-worker(2042): Error: pam(rk,,<rUqq5n+Ccpp/AAAB>): pam_acct_mgmt() failed: Authentication failure

My Dovecot configuration /etc/dovecot/dovecot.conf looks like this:

listen =
syslog_facility = mail
mail_location = maildir:~/Mail
ssl = no
protocol imap {
auth_mechanisms = plain
passdb {
	driver = pam
	args = %s
userdb {
	driver = passwd

How can I make PAM authentication work again?


Create a pam file for dovecot

The new version of pam now requires it.


According to the Wiki, I created the missing file with exactly these two lines copy-pasted from Wiki. Now, the systemd-journal says:

 dovecot[2210]: auth-worker(2223): Error: pam(rk,,<4wueq4CCzJp/AAAB>): pam_acct_mgmt() failed: Authentication failure

I interpret this as invalid credentials (username or password wrong), but they are correct. What do I still miss about it?


Another try, changed

args = %s


args = session=yes dovecot


Error: pam(rk,,<3WXM5YCCCJt/AAAB>): pam_open_session() failed: Cannot make/remove an entry for the specified session


This error looks similar to this one

The user changed the /etc/pam.d/dovecot to

auth     required nullok
account  required 
password  required 
session  required 


Thanks, that did it.

Funnily enough, exactly in the moment you answered, I was reading

and wondered if I should expand my /etc/pam.d/dovecot by some lines.