Am 23.02.2013 17:03, schrieb Charles Marcus:
OpenSSL was 1.0.0j, now updated to 1.0.1c Dovecot was 2.1.13, now updated to 2.1.15
on which distribtuion can you update openssl with a ABI-bump without re-compile half of the system? 1.0.0x is not binary compatible with 1.0.1x and that is as example why Fedora 17 stays at 1.0.0x and Fedora 18 has 1.01x
I'm getting a bunch of lines like the following:
Feb 23 10:48:01 myhost dovecot: imap-login: Disconnected (no auth attempts in 29 secs): user=<>, rip=#.#.#.#, lport=993, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session=<In+cO2bWngCthJz2>
where only the session id (and number of seconds for no auth attempts) is different...
how looks your "ssl_cipher_list"? ssl_cipher_list = ALL:!LOW:!MEDIUM:!SSLv2:!MD5:!aNULL:!eNUL:!ADH:!AESGCM:!EXP:HIGH