> On November 15, 2016 at 7:42 PM Adrian POPA <[email protected]> wrote: > > > Hi > > You can't think how glad I am that SSL issues rise again in a new Dovecot > version with next Ubuntu release with a new OpenSSL library. > Some days ago I have posted something similar about Ubuntu 14.04 - Dovecot > 2.2.9 - OpenSSL 1.0 (Dovecot processes turning zombie) but noone cared > about. > I still think is somehow related to ssl-param process + config + auth + > ...whatever (all of them "ignoring idle SIGINT") >
Well, 2.2.9 is pretty old. It was released almost 4 years ago. > If Dovecot SSL implementation is so dependant of a certain version of a > library (OpenSSL for example) you should consider saving a copy of the > "known-good" library version somewhere in Dovecot private space and use it > without relaing on generic system upgrades. > OpenSSL has breaking API changes between 1.0.0, 1.0.1, 1.0.2 and 1.1.0. > Don't get me wrong: I love Dovecot as IMAP server and local delivery agent. > But public interface is unreliable, authentication too, so for now I am > using Dovecot as an isolated server in localhost and attach other public > interfaces to it. Even so, delivery agent LDA is still trying to > authenticate and complains about null passwords (what?). I have destination > addresses that should go to a shared mailbox and that user@domain is never > allowed to login. The workaround is to set an "impossible" password for > those but this is not a nice solution. LDA should care only about what > counts for him (maybe using some defaults) and leave everything else for the > "big boys". > Perhaps you could post your doveconf -n to some new thread along with some explanation of your setup and problem you are trying to solve. > Sorry for any inconvenience, > Adrian POPA > > --- Aki Tuomi Dovecot oy
