SSL connection reset by peer

Vince42 dovecot at mx24.net
Wed Jul 27 21:55:20 UTC 2016 

Hi,

[Steffen Kaiser] - [2016-07-26 09:05]
>>>> I am running a dovecot server and have set up an external
>>>> monitoring, where every five minutes a login with SSL on port
>>>> 993 is done. I usually get once a day an error "connection
>>>> reset by peer - SSL connect", which goes away until the next
>>>> monitor is executed.

>>> that looks like a basic networking issue to me. Do you have logs
>>> how many users try to connect at this time? Is it always the same
>>> time range? Is the server load very high?

>> My server has nice specs (in fact a 30 times lower scaled server
>> never had this kind of problems), I also don't host many domains
>> and users, therefore I doubt that some kind of limit might be
>> touched. I also suspected some internal system load, but
>> unfortunately the error occurs arbitrarily, which makes me think
>> that no scheduled process is responsible for this. I also ran 'top'
>> during such an event without any obvious load tasks. The system
>> statistics also show no weird peaks. I read about the "running out
>> of random" phenomenon, but during such an event there were still
>> enough resources random-wise.

> what about the network itself? Does the monitor crosses a firewall?

I do not know all the details about my provider's data center, but the
monitor is an internal one running on one of their machines in their
infrastructure. I therefore doubt that this error could be related to
some network issue. The monitor just makes a normal IMAP login and fails
with the SSL error - and a few minutes later everything is fine again.

>> Could it be that I need to offer more login processes or that I
>> should raise some of my configuration values? The
>> mail_max_userip_connections does not seem to solve the problem.

> usually you get some warning in the logs, if such limit is reached.

I desperately searched all kinds of logs - but nothing indicates a
problem that would explain these arbitrary logon errors. I always
thought that I should be more generous with login processes or other
system resources in order to overcome this - but it seems that I am on
the wrong track, if my doveconf -n does not show any oddities.

I fear I will have to accept this error as being "normal" - which is
really odd as my former server ran for years with the same config
without any warning at all. Maybe the next will do it again ... :)))

-- 
Cheers,                        \\|//
Vince                          (o o)
----------------------------ooO-(_)-Ooo-------------------------
 '''   (o)_(o)                                        [ ][0][ ]
 ô¿ô   (=°o°=)   World Domination by Copy and Paste   [ ][ ][0]
  -    (")_(")                                        [0][0][0]

 ()  ascii ribbon campaign - against html e-mail
 /\  www.asciiribbon.org   - against proprietary attachments
                                   Ooo.
---------------------------.ooO----(  )-------------------------
                           (  )    (_/
                            \_)

More information about the dovecot mailing list