Problems with dovecot 2.2.13 and monit
Teemu Huovila
teemu.huovila at dovecot.fi
Wed Aug 20 09:19:31 UTC 2014
On 08/17/2014 11:56 PM, Marius wrote:
> Teemu Huovila <teemu.huovila <at> dovecot.fi> writes:
>
>>
>> On 06/16/2014 03:35 PM, Hanno Böck wrote:>> => the problem is caused by
> dovecot 2.2.13 bug ... its
>> behaviour is
>>>> inconsistent (LOGOUT in non-authenticated state works per RFC
>>>> requirement if no SSL is used and doesn't conform to RFC if SSL is
>>>> used). It is possible that the problem is related to their DoS-attack
>>>> modification, which has most probably unexpected side-effect.
>> This was fixed in commits
>> http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad
>> and
>> http://hg.dovecot.org/dovecot-2.2/rev/7129fe8bc260
>>
>> so it will work better in the next release.
>>
>> br,
>> Teemu Huovila
>>
>>
>
> Hello,
>
> I am having the same problem with dovecot 2.0.9 on CentOS
>
> I manually tested over ssl (imap, 993) and if the connection is
> authenticated i get the bye reply after I issue logout and connection ends
> gracefully.
>
> If I fail authentication on purpose and issue logout afterwards, then the
> connection gets terminated abruptly.
>
> Any way to fix this?
The fixes in question are not applied to the 2.0 tree. Furthermore you are not even running the latest release from the 2.0
series, so the fixes for Dovecot might be out of the question, unless you make similar fixes to the version you are running.
One way forward might be to alter the way monit does the monitoring. I got a success on the ssl port, when using the following
monit configuration snippet (tested with dovecot 2.2 hg tip and monit github tip". Obviously you have to change "localhost" and
the login credentials to whatever matches your config. It also requires plain auth. On the plus side, you get to see if your
authentication backend is up and running.
if failed host localhost port 993 type tcpssl sslauto and
expect "^\* OK.* Dovecot ready."
send "a login test pass \r\n"
expect "^a OK.* Logged in"
send "a logout\r\n"
expect "^\* BYE Logging out\r\na OK Logout completed."
then alert
br,
Teemu
More information about the dovecot
mailing list