On 14.01.2014 20:26, Pascal Volk wrote:
> Please define 'forever'
> 
> I just did `time openssl s_client -connect mail.example.com:143
> -starttls imap` (and nothing else):
> 
> CONNECTED(00000003)
> depth=0 CN = mail.…
> …
> . OK Pre-login capabilities listed, post-login capabilities have more.
> * BYE Disconnected for inactivity.
> closed
> 
> real    3m0.377s
> user    0m0.016s
> sys     0m0.000s
> 
> As you can see, Dovecot closed the connection after three minutes

did you read the "This will make our mail server vulnerable to DOS attack"?
3 minutes is *way too long* in case of a DOS attack

if not a single byte of data is received there is no reason not to close
the connection at least after 30 seconds
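
Added example, not part of the original message: a Python check that repeats the `time openssl s_client` measurement quoted above, so an administrator can compare a server's pre-login idle timeout against the 30 seconds argued for here. It uses plain TCP without STARTTLS, and `measure_idle_timeout` and `start_constructed_server` (a local stand-in listener, not Dovecot) are hypothetical names.

```python
import socket
import threading
import time


def measure_idle_timeout(host, port, max_wait=300.0):
    """Seconds until the server drops a silent client, or None if the
    connection is still open after max_wait seconds."""
    start = time.monotonic()
    with socket.create_connection((host, port), timeout=10) as sock:
        while True:
            remaining = max_wait - (time.monotonic() - start)
            if remaining <= 0:
                return None
            sock.settimeout(remaining)
            try:
                data = sock.recv(4096)  # greeting or BYE text; we never reply
            except socket.timeout:
                return None
            except ConnectionResetError:
                return time.monotonic() - start
            if not data:  # server closed the connection
                return time.monotonic() - start


def start_constructed_server(idle_limit):
    """Constructed local stand-in for an IMAP listener: greets, then drops
    a client that stays silent for idle_limit seconds. Returns its port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]

    def serve():
        conn, _ = listener.accept()
        with conn, listener:
            conn.sendall(b"* OK constructed greeting\r\n")
            conn.settimeout(idle_limit)
            try:
                conn.recv(1024)
            except socket.timeout:
                conn.sendall(b"* BYE Disconnected for inactivity.\r\n")

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    port = start_constructed_server(idle_limit=1.0)
    print(measure_idle_timeout("127.0.0.1", port, max_wait=5.0))
```
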
