[Dovecot] TLS timeout with 1.2a4

Luigi Rosa lists at luigirosa.com
Thu Dec 11 19:40:48 EET 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have a mail server CentOS 64bit (4 Gb RAM) with Dovecot 1.2a4 and three
accounts. I use Thunderbird 2.

If I enable SSL connection in Thunderbird 2, after three-five minutes I got a
lot of different errors in Thunderbird (Server is not IMAP, Connection lost...).

Everything comes back to normal if I restart Dovecot in the server, but after 5
minutes I got the same errors.

This happens both with an ADSL connection (Thunderbird on Windows XP) AND with a
direct 1 Gbit cross cable connection (Thunderbird on Ubuntu 64 8.10).

If I disable SSL connection on Thunderbird, everything comes back to normal and
I don't get any error.

The SSL-related options in dovecot.conf are:

ssl_disable = no
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
ssl_parameters_regenerate = 47
verbose_ssl = yes
ssl_cipher_list = ALL:!LOW
disable_plaintext_auth = no


What kind of logging can I enable to trace this error?



On the logfile I find something like taht (there are only 3 seconds between the
first and the last line)



dovecot: imap-login: Login: user=<lists at aaa.com>, method=CRAM-MD5, rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Login: user=<lists at aaa.com>, method=CRAM-MD5, rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (auth failed, 1 attempts):
method=CRAM-MD5, rip=xxx, lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS handshaking
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (auth failed, 1 attempts):
method=CRAM-MD5, rip=xxx, lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS handshaking
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (auth failed, 1 attempts):
method=CRAM-MD5, rip=xxx, lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (auth failed, 1 attempts):
method=CRAM-MD5, rip=xxx, lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (auth failed, 1 attempts):
method=CRAM-MD5, rip=xxx, lip=yyy, TLS
dovecot: imap-login: Disconnected: Shutting down (no auth attempts): rip=xxx,
lip=yyy, TLS
dovecot: IMAP(lrosa at bbb.com): Disconnected: Logged out bytes=1028/49877
dovecot: IMAP(lrosa at bbb.com): Disconnected: Logged out bytes=2253/49352
dovecot: IMAP(lrosa at bbb.com): Connection closed bytes=20466/553071
dovecot: IMAP(lrosa at bbb.com): Connection closed bytes=19417/163412
dovecot: IMAP(lrosa at bbb.com): Disconnected: Logged out bytes=2937/69241
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy
dovecot: imap-login: Login: user=<lists at aaa.com>, method=CRAM-MD5, rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy
dovecot: imap-login: Login: user=<lists at aaa.com>, method=CRAM-MD5, rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy
dovecot: imap-login: Login: user=<lists at aaa.com>, method=CRAM-MD5, rip=xxx,
lip=yyy, TLS
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy
dovecot: IMAP(lrosa at bbb.com): Connection closed bytes=205/41166
dovecot: IMAP(lrosa at bbb.com): Connection closed bytes=609/217506
dovecot: imap-login: Login: user=<lrosa at bbb.com>, method=CRAM-MD5, rip=xxx, lip=yyy

Ciao,
luigi

- --
/
+--[Luigi Rosa]--
\

Fallo oggi, domani potrebbe essere illegale.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklBUKAACgkQ3kWu7Tfl6ZSQgwCbBoD6IEKjPNYriHrKmES4Zj+y
ji0AnRZzU2ETJkVn72kmpR1C+cs3PNdf
=T267
-----END PGP SIGNATURE-----


More information about the dovecot mailing list