Hello,
We are running Dovecot 1.0.0 (Debian Etch, Backports.org, OpenSSL) in a production environment and we experience sporadic SSL connection problems. At the moment, it's difficult to tell if the server goes back to normal operation after some time or if it can be reproduces at any time because we have to restart it as soon as we get Nagios alerts.
Some tests with openssl s_client have shown difficulties to proceed the SSL handshake (hanging at different stages), or no response to IMAP commands.
SSL client used: openssl s_client -host imap -port 993
- First case : s_client hangs on the first output "CONNECTED(00000003)" and there is no handshake at all;
- Second case : like the first but the handshake starts after a few minutes;
- Third case : the handshake goes fine but the "OK" server banner is never sent (no response to commands);
- Fourth case : the greeting banner is received but dovecot will never answer.
The configuration file is almost identical to the default and SSL certificate is not the autogenerated one. Log files do not show dying process.
I've searched the ML archive for SSL issues but not found related bug. Does anyone use the Backport.org package of Dovecot ?
Thank you :)
-- Thibault VINCENT tibal@reloaded.fr thibault.vincent@reloaded.fr PGP Key : 0x4BA8A39B