[Dovecot] 2.1.7 TLS issues

Timo Sirainen tss at iki.fi
Mon Jun 25 05:20:55 EEST 2012

On 24.6.2012, at 23.20, Christian Rößner wrote:

>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
>> What was the Dovecot version you were using previously which worked?
> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one.

Well, there hasn't been many changes in the SSL code. The only thing I can think of is this memory leak fix, which temporarily wasn't implemented correctly. You could try what happens if you revert it:

changeset:   14418:85ad4baedd43
user:        Timo Sirainen <tss at iki.fi>
date:        Thu Apr 12 10:48:55 2012 +0300
summary:     login: Another attempt at fixing SSL memory leak.

changeset:   14417:f80f18d0ffa3
user:        Timo Sirainen <tss at iki.fi>
date:        Thu Apr 12 10:41:44 2012 +0300
summary:     login: Reverted memory leak fix, because it broke some SSL setups?

changeset:   14416:584bd77c38fd
user:        Timo Sirainen <tss at iki.fi>
date:        Wed Apr 11 19:06:44 2012 +0300
summary:     Memory leak fixes.

More information about the dovecot mailing list