On 23.2.2013, at 18.03, Charles Marcus <cmar...@media-brokers.com> wrote:
> Ok, I have a strange problem after updating both dovecot and openssl... > > OpenSSL was 1.0.0j, now updated to 1.0.1c > Dovecot was 2.1.13, now updated to 2.1.15 > > I'm getting a bunch of lines like the following: > > Feb 23 10:48:01 myhost dovecot: imap-login: Disconnected (no auth attempts in > 29 secs): user=<>, rip=#.#.#.#, lport=993, TLS handshaking: SSL_accept() > syscall failed: Connection reset by peer, session=<In+cO2bWngCthJz2> > > where only the session id (and number of seconds for no auth attempts) is > different... > > This is happening for only the one client. All other clients - I've counted > about 25 so far - are working fine. > > Anyone have any ideas? I can't believe it is a generic openssl problem, since > it is only affecting the one client. Most likely related to the OpenSSL upgrade. Dovecot at least didn't change anything SSL related. You could see if verbose_ssl=yes logs anything interesting. And like Reindi mentioned, ssl_cipher_list is pretty much the only thing in Dovecot's configuration that may be related to this.