Hello, When I upgraded my servers to dovecot 2.2.13 the monitoring tool monit started to send out warnings that it couldn't reach my imap/pop3 servers through ssl any more. The same problem didn't happen on non-ssl-connections.
According to people on the monit list this is likely a dovecot issue: https://lists.gnu.org/archive/html/monit-general/2014-06/msg00031.html Let me quote: > the root cause of the error is, that dovecot 2.2.13 closes the > connection if SSL is used in response to LOGOUT command instead of > sending usual response. When no SSL is enabled, dovecot responses to > LOGOUT command normally. [...] > According to RFC 3501 (http://tools.ietf.org/html/rfc3501), LOGOUT is > any-state command, where the server MUST send response before closing > the connection: http://tools.ietf.org/html/rfc3501#section-3.4 > > => the problem is caused by dovecot 2.2.13 bug ... its behaviour is > inconsistent (LOGOUT in non-authenticated state works per RFC > requirement if no SSL is used and doesn't conform to RFC if SSL is > used). It is possible that the problem is related to their DoS-attack > modification, which has most probably unexpected side-effect. Maybe this is related to the DDoS-protection measures that have been added in dovecot 2.2.13. Would apprechiate if someone could have a look. cu, -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
signature.asc
Description: PGP signature
