similar to: [patch] TLS Handshake failures can crash imap-login

On 20/03/2015 18:24, Timo Sirainen wrote: >> Connecting to dovecot with ssl3 causes imap-login to die: >> >> Mar 20 11:30:35 MAILHOST dovecot: [ID 583609 mail.crit] imap-login: Fatal: master: service(imap-login): child 21918 killed with signal 11 (core dumped) [last ip=127.0.0.1] > > I can't reproduce it. I tried it with the same ssl_* settings you had. Can you get a

On 04/25/2015 11:55 AM, James wrote: > On 24/04/2015 22:17, Hanno B?ck wrote: > > Hello, > >> I tracked down a tricky bug in dovecot that can cause the imap-login >> and pop3-login processes to crash on handshake failures. >> This can be tested by disabling SSLv3 in the dovecot config >> (ssl_protocols = !SSLv2 !SSLv3) and trying to connect with openssl and

On 24/04/2015 22:17, Hanno B?ck wrote: Hello, > I tracked down a tricky bug in dovecot that can cause the imap-login > and pop3-login processes to crash on handshake failures. > This can be tested by disabling SSLv3 in the dovecot config > (ssl_protocols = !SSLv2 !SSLv3) and trying to connect with openssl and > forced sslv3 (openssl s_client -ssl3 -connect localhost:995). This

Connecting to dovecot with ssl3 causes imap-login to die: $ openssl s_client -connect localhost:993 -ssl3 CONNECTED(00000003) 4277630796:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1461:SSL alert number 40 4277630796:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:645: --- no peer certificate available --- No client certificate

On 04/26/2015 10:51 PM, Hanno B?ck wrote: > On Sun, 26 Apr 2015 21:51:25 +0300 > Teemu Huovila <teemu.huovila at dovecot.fi> wrote: > >> Seems the issue might require a version of libopenssl, that does not >> have support for sslv3 compiled in. I have been made aware, that we >> have a fix for Dovecot in the works. > > No that's not true. I have

i'm running dovecot 1.2.9 and, among other things, i have the zlib plugin enabled. A shell script runs once a day to compresses all not still compressed files on the users maildirs. so far so good, it works fine, there's no problem on that. what i think is not happening 100% correctly is the following: 1) user receives a message 2) BEFORE the compress routine runs,

Hi, I have dovecot running for IMAP4/POP3 and also local delivery through LMTP. It's working just fine, absolutely no problem on that, setup is fine. Anyway, sometimes LMTP seems to not be able to deliver some messages and keep them on postfixqueue. And on the next or third try, the message gets delivered successfully. The logged message, however, is not helping me identify

On R 3.2.5, 3.3.2 and devel for Windows, R CMD check --as-cran gives me: Found the following (possibly) invalid URLs: URL: https://www.stat.auckland.ac.nz/~paul/Reports/DisplayList/dl-record.html From: man/capturePlot.Rd Status: Error Message: libcurl error code 35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure This is reported both by the

The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM= [root at correio ~]# dovecotpw -s SHA256 -p 123

Hi, i think i've the same problem as described here: http://www.dovecot.org/list/dovecot/2009-June/040687.html when opening a folder without an index (?) and bzip-compressed files i get following error message: 2010-02-03T14:12:10.026452+01:00 server dovecot: IMAP(user): gzread() failed: PARAM_ERROR 2010-02-03T14:12:10.026477+01:00 server dovecot: IMAP(user): FETCH for mailbox folder

i'm facing a pretty hard to debug problem when trying to use dovecot LDA (deliver) from postfix. After having all configured, mail deliver fails. This is from my maillog: Feb 12 21:27:54 correio postfix/pipe[12484]: 930F9F6105: to=<solutti at domain.com.br>, relay=dovecot, delay=0.21, delays=0.03/0.01/0/0.18, dsn=4.3.0, status=SOFTBOUNCE (Command died with signal 11:

Hi, I have, in one customer, a web server running on a Verisign-signed certificate SSL certificate. Everything works fine, IE and Firefox connects on https without asking anything, which usually happens on self-signed certificates. I'm trying to use that certificate on dovecot, but clients (Thunderbird basically) keeps saying the certificate is not valid. yes i'm using,

i'd like to make a simple feature request on dovecot .... i'm using v1.2.4 (latest one) and IMAP logout message, by default is: Sep 18 14:26:27 correio dovecot: IMAP(user at domain.com): Disconnected: Logged out bytes=384/932222 the message can be a little customized with: # IMAP logout format string: # %i - total number of bytes read from client # %o - total number of

> SSL3 is no longer included in the cipher sets. Try this: > > ssl_min_protocol = SSLv3 Thanks. Unfortunately, no dice - same error. Any other tips? I was under the impression "no shared cipher" was rather the problem? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: This

i know dovecot can act as IMAP and POP3 proxy ..... but i'm having a hard time configuring it. Actually i'm using a simple dovecot configuration with virtual users stored on MySQL. My dovecot-sql.conf is pretty simple: [root at correio dovecot]# cat dovecot-sql.conf driver = mysql connect = host=localhost dbname=DATABASE user=USERNAME password=PASSWORD default_pass_scheme = PLAIN #

On 04/26/2015 04:07 PM, Florian Pritz wrote: > Since there are three people involved I kindly ask you to be more > specific as to who should provide which (exact) information. > > Given you ask for it right after quoting my link all I can tell you is > that I provide all the information you ask for (openssl version, crash > message) in the link you quoted. Sorry if I was not

I am trying to use fetchmail to monitor box in office365.com. Its not working. Is there a "better" way to monitor and inbox ? I have verified all the ports are open, using 993, using ssl, using sslproto SSL3 etc.. Anyone done this ? Got it working. I basically have: machine outlook.office365.com login myuser at mydomain password mypassword fetchmail --ssl --sslproto SSL3 --smtpname

Am 21.03.2015 um 12:02 schrieb James: > On 21/03/2015 10:55, Reindl Harald wrote: >> >> well, remove that brickage of "special compile" > > I'm sorry but I did not understand your comment why do you compile openssl that way? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size:

We recently upgraded from dovecot 2.2 to 2.3.7.1-1 Not many, but some users are experiencing difficulties. The dovecot directors log: Aug 21 14:28:49 director01 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=redacted, lip=10.0.0.120, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher,

Hey all Would anyone know how you use SNMP to detect that a Cisco router is using an alternative (redundant) interface and then change the routing settings on your firewall. Kind Regards Brent Clark