[Dovecot] Unsuccessful POP sessions on dovecot-1.0.3-13_60
A Client runs a RAS network. Users access mailboxes using Outlook Express. The server runs dovecot-1.0.3-13_60.
Almost a week ago users began to report that they can't retrieve their mail. The session starts, they seem to retrieve messages, but then the client reports a problem and the session is terminated.
Here's what I have in the log:
May 28 08:56:46 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 08:59:00 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962 May 28 08:59:29 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 09:03:49 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962 May 28 09:04:24 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 09:12:11 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962 May 28 09:14:32 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 09:17:10 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962 May 28 09:17:52 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 09:20:27 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962 May 28 09:23:23 server dovecot: pop3-login: Login: user=user@client, method=PLAIN, rip=::ffff:10.11.9.18, lip=::ffff:10.11.9.108 May 28 09:30:05 server dovecot: POP3(user@client): Disconnected top=0/0, retr=5/448621, del=0/58, size=8991962
What I see is that the client seems to try to retrieve the same mails (retr=5/448621) over and over again.
If they login using IMAP they don't experience any problems.
Any idea what this could be? Rumor has it it's a know problem with Outlook Express and its POP implementation. Is that rumor or a fact?
p@rick
-- state of mind Agentur für Kommunikation, Design und Softwareentwicklung
Patrick Koetter Tel: 089 45227227 Echinger Strasse 3 Fax: 089 45227226 85386 Eching Web: http://www.state-of-mind.de
Amtsgericht München Partnerschaftsregister PR 563
On Thu, 2008-05-29 at 16:16 +0200, Patrick Ben Koetter wrote:
What I see is that the client seems to try to retrieve the same mails (retr=5/448621) over and over again.
If they login using IMAP they don't experience any problems.
Any idea what this could be? Rumor has it it's a know problem with Outlook Express and its POP implementation. Is that rumor or a fact?
Have you already enabled all the pop3 workarounds? If yes, enable rawlog (http://wiki.dovecot.org/Debugging/Rawlog) and see if there's anything special.
- Timo Sirainen dovecot@dovecot.org:
On Thu, 2008-05-29 at 16:16 +0200, Patrick Ben Koetter wrote:
What I see is that the client seems to try to retrieve the same mails (retr=5/448621) over and over again.
If they login using IMAP they don't experience any problems.
Any idea what this could be? Rumor has it it's a know problem with Outlook Express and its POP implementation. Is that rumor or a fact?
Have you already enabled all the pop3 workarounds? If yes, enable rawlog (http://wiki.dovecot.org/Debugging/Rawlog) and see if there's anything special.
Yes, I have enabled the workarounds.
New report indicates there's something wrong with ports. The had 110 closed (to force usage of 995). Once they reopened 110 things went back to normal.
I haven't had time yet to examine this, but as soon as I know news I will post them here too.
Thanks!
p@rick
-- state of mind Agentur für Kommunikation, Design und Softwareentwicklung
Patrick Koetter Tel: 089 45227227 Echinger Strasse 3 Fax: 089 45227226 85386 Eching Web: http://www.state-of-mind.de
Amtsgericht München Partnerschaftsregister PR 563
- Patrick Ben Koetter p@state-of-mind.de:
- Timo Sirainen dovecot@dovecot.org:
On Thu, 2008-05-29 at 16:16 +0200, Patrick Ben Koetter wrote:
What I see is that the client seems to try to retrieve the same mails (retr=5/448621) over and over again.
If they login using IMAP they don't experience any problems.
Any idea what this could be? Rumor has it it's a know problem with Outlook Express and its POP implementation. Is that rumor or a fact?
Have you already enabled all the pop3 workarounds? If yes, enable rawlog (http://wiki.dovecot.org/Debugging/Rawlog) and see if there's anything special.
Yes, I have enabled the workarounds.
New report indicates there's something wrong with ports. The had 110 closed (to force usage of 995). Once they reopened 110 things went back to normal.
I haven't had time yet to examine this, but as soon as I know news I will post them here too.
The short answer is a classic: MTU
The long answer is: MTU, but not as one (I) would usually suspect ...
Turns out, they have been using POP3s for a long time without problems. Problems started, when the CA had to be renewed and all the certificates too. The new certificates are valid.
If it was an MTU problem it should have shown up also when using TLS with the old CA, right?
So what's the difference?
The difference between the old and new certificates is the cipher length. Is used to be 512 and it is 4096 now. This seems (I didn't measure) to have such an impact on packets that they got (too) fragmented and the MTU asynchronity, which had always been there before - began to have a significant effect.
If someone has a better explanation for this, please feel free to
elaborate. All difference I can tell is the cipher length and that I
thing it has an effect on IP packet sizes.We called up the ISP, asked for their MTU, adjusted that on the client side and things went back to normal.
p@rick
participants (2)
-
Patrick Ben Koetter
-
Timo Sirainen