On 08/17/2014 11:56 PM, Marius wrote:
Teemu Huovila
writes: On 06/16/2014 03:35 PM, Hanno Böck wrote:>> => the problem is caused by
dovecot 2.2.13 bug ... its
behaviour is
inconsistent (LOGOUT in non-authenticated state works per RFC requirement if no SSL is used and doesn't conform to RFC if SSL is used). It is possible that the problem is related to their DoS-attack modification, which has most probably unexpected side-effect. This was fixed in commits http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad and http://hg.dovecot.org/dovecot-2.2/rev/7129fe8bc260
so it will work better in the next release.
br, Teemu Huovila
Hello,
I am having the same problem with dovecot 2.0.9 on CentOS
I manually tested over ssl (imap, 993) and if the connection is authenticated i get the bye reply after I issue logout and connection ends gracefully.
If I fail authentication on purpose and issue logout afterwards, then the connection gets terminated abruptly.
Any way to fix this? The fixes in question are not applied to the 2.0 tree. Furthermore you are not even running the latest release from the 2.0 series, so the fixes for Dovecot might be out of the question, unless you make similar fixes to the version you are running.
One way forward might be to alter the way monit does the monitoring. I got a success on the ssl port, when using the following monit configuration snippet (tested with dovecot 2.2 hg tip and monit github tip". Obviously you have to change "localhost" and the login credentials to whatever matches your config. It also requires plain auth. On the plus side, you get to see if your authentication backend is up and running.
if failed host localhost port 993 type tcpssl sslauto and expect "^\* OK.* Dovecot ready." send "a login test pass \r\n" expect "^a OK.* Logged in" send "a logout\r\n" expect "^\* BYE Logging out\r\na OK Logout completed." then alert
br, Teemu