[Dovecot] "TLS handshake" errors, frozen IMAP
Another new issue has cropped up with my rc1 -> rc31 upgrade:
This morning, right around the typical morning email surge, Dovecot stopped accepting new IMAP connections. I didn't get a chance to do much troubleshooting and a restart of Dovecot fixed it. The only thing I've been able to find in the logs is a bunch of entries like this one:
Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected: rip=150.253.80.90, lip=150.253.10.10, TLS handshake Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected: rip=150.253.80.208, lip=150.253.10.10, TLS handshake Apr 10 09:11:37 cliff dovecot: imap-login: Disconnected: rip=150.253.91.156, lip=150.253.10.10, TLS handshake
And a few like this: Apr 10 09:17:48 cliff dovecot: imap-login: Disconnected: Shutting down: rip=66.93.16.227, lip=150.253.10.10, TLS handshake
Any idea what that might indicate?
-Ben
On Tue, 2007-04-10 at 10:34 -0500, Ben Beuchler wrote:
Apr 10 09:11:36 cliff dovecot: imap-login: Disconnected: rip=150.253.80.90, lip=150.253.10.10, TLS handshake
This means that client started SSL/TLS handshake, but it wasn't finished. Why that might happen, I don't really know. verbose_ssl=yes might show something, but just as well might not.
Do you have login_process_per_connection=yes? If so and if it happened to all connections, there was something wrong with the global state.
Hmm. Do you see something like this in the error log:
Waiting for SSL parameter file
participants (2)
-
Ben Beuchler
-
Timo Sirainen