Problems with dovecot 2.2.13 and monit
Hanno Böck
hanno at hboeck.de
Mon Jun 16 12:35:13 UTC 2014
Hello,
When I upgraded my servers to dovecot 2.2.13 the monitoring tool monit
started to send out warnings that it couldn't reach my imap/pop3
servers through ssl any more.
The same problem didn't happen on non-ssl-connections.
According to people on the monit list this is likely a dovecot issue:
https://lists.gnu.org/archive/html/monit-general/2014-06/msg00031.html
Let me quote:
> the root cause of the error is, that dovecot 2.2.13 closes the
> connection if SSL is used in response to LOGOUT command instead of
> sending usual response. When no SSL is enabled, dovecot responses to
> LOGOUT command normally.
[...]
> According to RFC 3501 (http://tools.ietf.org/html/rfc3501), LOGOUT is
> any-state command, where the server MUST send response before closing
> the connection: http://tools.ietf.org/html/rfc3501#section-3.4
>
> => the problem is caused by dovecot 2.2.13 bug ... its behaviour is
> inconsistent (LOGOUT in non-authenticated state works per RFC
> requirement if no SSL is used and doesn't conform to RFC if SSL is
> used). It is possible that the problem is related to their DoS-attack
> modification, which has most probably unexpected side-effect.
Maybe this is related to the DDoS-protection measures that have been
added in dovecot 2.2.13.
Would apprechiate if someone could have a look.
cu,
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140616/06084693/attachment.sig>
More information about the dovecot
mailing list