On Sun, 2010-08-29 at 20:51 -0400, Patrick Fay wrote:
Aug 26 20:43:45 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:43:53 hostname Firewall[55]: Deny ^H?^U???^Z connecting from XX.XX.XX.XX:37310 uid = 0 proto=6
Both of these are dovecot hits--but the name is different each time. Also the ?'s aren't really "?" marks; they're trans-ascii characters with high bits set that my mailer doesn't like very much. It really looks like a misdirected pointer or something somewhere, but I'm not familiar enough with the codebase to know where to start looking, or if in fact it is something else that is misconfigured. Any thoughts on how to resolve this?
Dovecot doesn't identify itself anywhere really. I've no idea where your firewall might be taking the name. The best I can guess is argv[0] given to main(), but even that doesn't explain why it would break.