Am 07.03.2018 um 17:00 schrieb Andrew Nichols via Info-cyrus:
Hello,
We run a cyrus-imap 2.5.11 server under FreeBSD and we are experiencing issues
with TLS/STARTTLS negotiation failed entries in the log, which show as timeouts
on the client side. It’s all different email clients and even our monitoring
experiencing these failures. Other TLS services (https mostly) on the same
server do not have these failures. There are also times when these errors ramp
up and happen to most TLS clients, which is only solved by restarting cyrus.
Has anyone else experiences these issues or have any tips on where to look to
figure out the root cause?
Has your server enough entropy?
Specially cloud servers with no physical ports can run low on entropy
and the random number generator used for SSL/TLS stuff needs to way
until it is filled up again.
To check the amount of bytes of entropy currently available, use
|cat /proc/sys/kernel/random/entropy_avail From
https://serverfault.com/questions/214605/gpg-does-not-have-enough-entropy|
André
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
