Problems with dovecot 2.2.13 and monit
hanno at hboeck.de
Mon Jun 16 12:35:13 UTC 2014
When I upgraded my servers to dovecot 2.2.13 the monitoring tool monit
started to send out warnings that it couldn't reach my imap/pop3
servers through ssl any more.
The same problem didn't happen on non-ssl-connections.
According to people on the monit list this is likely a dovecot issue:
Let me quote:
> the root cause of the error is, that dovecot 2.2.13 closes the
> connection if SSL is used in response to LOGOUT command instead of
> sending usual response. When no SSL is enabled, dovecot responses to
> LOGOUT command normally.
> According to RFC 3501 (http://tools.ietf.org/html/rfc3501), LOGOUT is
> any-state command, where the server MUST send response before closing
> the connection: http://tools.ietf.org/html/rfc3501#section-3.4
> => the problem is caused by dovecot 2.2.13 bug ... its behaviour is
> inconsistent (LOGOUT in non-authenticated state works per RFC
> requirement if no SSL is used and doesn't conform to RFC if SSL is
> used). It is possible that the problem is related to their DoS-attack
> modification, which has most probably unexpected side-effect.
Maybe this is related to the DDoS-protection measures that have been
added in dovecot 2.2.13.
Would apprechiate if someone could have a look.
mail/jabber: hanno at hboeck.de
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: not available
More information about the dovecot