similar to: How to disable Director service?

In setting up my new mail server, I am getting the following in the logs: Oct 11 07:10:59 kumo dovecot[5704]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=24.53.79.10, lip=172.26.12.90, *TLS handshaking: SSL_accept() syscall failed: Success*, session=<B9OokqCUD+UYNU8K> I have tried various ssl_protocols entries, but for now have defaulted back to

Hi all, when hardening dovecot against the POODLE vulnerability, we followed the advise to disable SSL2 and SSL3 but this is giving problems with some email clients (claws-mail). ssl_protocols = !SSLv2 !SSLv3 results in the following error: dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL

Hi @all, after re-installing one of my two frontends/proxy-servers I get the following error messages after some time (sometimes after 1h, sometimes after 24h): 11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:55 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error: socketpair() failed: Too many open files 11:23:56 imap-login: Error:

I haven't done this on the old, working machine. So there must be a difference between Debian 7 and 9 how open files are handled? Regards Patrick Aki Tuomi schrieb: > You probably need to increase ulimit -n > > Aki > > > On 23.08.2017 14:10, Patrick Westenberg wrote: >> Hi @all, >> >> after re-installing one of my two frontends/proxy-servers I get

Hi all; I've upgraded a ring of dovecot directors from 2.2.15 to 2.2.36. After the upgrade I've got some instability: a few time per day per server, seemly at random, the auth process stop responding and the clients cannot authenticate any more: Sep 6 14:45:51 imap-front13 dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting):

Hi, currently we deploying Dovecot as imap/pop3 proxy. Every few minutes some panic/assert occurred (we connect roughly 7k - 8k user at one imap proxy with a connection rate of 200/s). We activate core dumps. Concerning the sensitive information in the dump we would prefer to not share the dump (e.g. i found our ssl private key in the dump). Log/Stack trace: Mar 30 15:54:06 imap16 dovecot:

Hello, I have a new director ring I am setting up on centos 7 with dovecot 2.3.1. I haven't been able to replecate this in testing, but as soon as I start pushing production traffic to the new ring I see dozens of these in the logs: Apr 18 00:34:00 d.director.imapd.sonic.net kernel: imap-login[163107]: segfault at 10 ip 00007ff625698dd5sp 00007ffe4b77bb28 error 4 in

Hi thanks for your help! Trying to set your same parameters, when restarting dovecot, gives the error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 136: Unknown setting: ssl_prefer_server_ciphers doveconf: Error: managesieve-login: dump-capability process returned 89 doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 136: Unknown setting:

On 12/2/2014 1:32 AM, Reindl Harald wrote: > > Am 02.12.2014 um 06:44 schrieb Will Yardley: >> On Mon, Dec 01, 2014 at 09:27:48PM -0800, Darren Pilgrim wrote: >>> On 12/1/2014 4:43 PM, Will Yardley wrote: >>>> Can you use both ssl_protocols *and* ssl_cipher_list in the same config >>>> (in a way that's sane)? >>> >>>> Is there a

Hi Folks, after adding TLSv1.2 to by TLS options a lot of Outlook users complaint about connection errors, openssl s_client and Thunderbird works fine. I found some posts about this but none of them had a real solution on this - I meanwhile disabled TLSv1.2 which made the Outlook users happy. I run dovecot 2.2.13, OpenSSL 1.0.1j 15 Oct 2014 ssl_cert = </var/qmail/control/servercert.pem

Hello, I stumbled across a 5-year-old post on the dovecot list about changing the dovecot hierarchy separator to enable shared mailboxes (http://www.dovecot.org/list/dovecot/2011-January/056201.html <http://www.dovecot.org/list/dovecot/2011-January/056201.html>). At the moment I?m stuck in a pretty similar situation. Migrated from courier to dovecot 2 years ago and preserved the

Hi, I tried to migrate my dovecot 2.2 to a new server with a other storage configuration and dovecot 2.3. New (and old) Server uses mysql for user information I use the following storage settings mail_home = /storage1/vmail/%{userdb:path} mail_location =

I set icecast.xmp: <listen-socket> <port>8000</port> </listen-socket> <listen-socket> <port>8443</port> <ssl>1</ssl> </listen-socket> 8000 work, 8443 not work. If set ssl to port 8000 not work nothing V V sob., 27. jun. 2020 ob 18:13 je oseba Paul Martin <pm at nowster.me.uk> napisala:

On 10 Jun 2020, at 23:18, @lbutlr <kremels at kreme.com> wrote: > IF it?s not permissions you need to provide doveconf -n output. Bloglines for any fall, panic, or error level events at a minimum. Apologies, I did not see the attachments. Will look on a real screen later.

Thanks for your reply; I used the defaults, both before and after the upgrade, cf. https://wiki2.dovecot.org/Upgrading/2.3 -> Setting default changes. The new defaults broke the connection. Jan > what are your settings? > > Mine are below and they work just fine: > > ssl_cipher_list = >

Hello, Currently working on migrating our existing directors from 2.1.13 to 2.2.10. In 2.2.10 when issuing the logout command on an unauthenticated connection, the connection is closed before the server sends the BYE line to the client. The new version works as expected with a non-secure connection. I will include the strace output from the imap-login process that shows the connection closing

Hi, To default dovecot.conf file I added (based on found documentation): ssl = required disable_plaintext_auth = yes #change default 'no' to 'yes' ssl_prefer_server_ciphers = yes ssl_options = no_compression ssl_dh_parameters_length = 2048 ssl_cipher_list =

I have been reading up on TLS and Dovecot and came across this URL: https://www.weakdh.org/sysadmin.html which recommended these settings for Dovecot. I would like to know if they are correct? Some much documentation on the web is pure garbage. Dovecot These changes should be made in /etc/dovecot.conf Cipher Suites

Thank You for answers. But: 1. How should be properly configured ssl_cipher_list? 2. Ok, removed !TLSv1 !TLSv1.1. 3. Strange thing with ssl_protocols and ssl_cipher_list, because on older server on Ubuntu 14.04 LTS, dovecot 2.2.9 and postfix 2.11.0 these two lines looks exactly this same and no errors in mail.err file and mailes works without any problem. 4. No, currently I don't use LMTP.

I have the following two settings in my "10-ssl.conf" file # SSL protocols to use ssl_protocols = !SSLv2 # SSL ciphers to use ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL I have seen different configurations while Googling. I am wondering what the consensus is for the best settings for these two items. What do the developers recommend? Thanks! -- Jerry