1. Forum
  2. Usenet
  3. LINUX.GENTOO.USER

  • [gentoo-user] strange error using courier-imapd-ssl

    From covici@ccs.covici.com@21:1/5 to All on Sun Dec 22 22:10:01 2024
    Hi. Well, I use an emacs mua and I get my mail using
    courier-imapd-ssl. Now, every so often, the system tells me
    auto-plugged off and gives me this line:

    GnuTLS error: #<process IMAP>, -110

    Now the real cause seems to be a problem with courier-imapd-ssl and
    the status looks like this:

    $B!|(B courier-imapd-ssl.service - Courier IMAP Daemon
    Loaded: loaded (/usr/lib/systemd/system/courier-imapd-ssl.service; enabled; preset: disabled)
    Active: active (running) since Sat 2024-12-21 15:27:42 EST; 24h ago
    Invocation: b3752652fabd45d4b1967183e23d5e1a
    Process: 1981694 ExecStart=/usr/lib64/courier-imap/gentoo-imapd-ssl.rc (code=exited, status=0/SUCCESS)
    Main PID: 1981703 (couriertcpd)
    Tasks: 10 (limit: 38196)
    Memory: 15.8M
    CGroup: /system.slice/courier-imapd-ssl.service
    $B('(!(B1981703 /usr/lib64/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/lib64/courier-imap/courierlogger -stderrloggername=imapd-ssl -maxprocs=40 -maxperip=4 -pid=/var/run/imapd-ssl.pid -nodnslookup 993 /usr/sbin/couriertls -
    server -tcpd /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir
    $B('(!(B1981705 /usr/lib64/courier-imap/courierlogger imapd-ssl
    $B('(!(B2118449 /usr/sbin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir
    $B('(!(B2118450 /usr/sbin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir
    $B('(!(B2118451 /usr/sbin/courier-imapd .maildir
    $B('(!(B2118452 /usr/sbin/courier-imapd .maildir
    $B('(!(B2128146 /usr/sbin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir
    $B('(!(B2128147 /usr/sbin/courier-imapd .maildir
    $B('(!(B2128157 /usr/sbin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir
    $B(&(!(B2128158 /usr/sbin/imaplogin /usr/lib64/courier-imap/courier-imapd.indirect .maildir

    Dec 22 15:41:46 ccs.covici.com imapd-ssl[1981705]: Maximum connection limit reached for ::ffff:166.84.7.75
    Dec 22 15:44:10 ccs.covici.com imapd-ssl[1981705]: ip=[::ffff:65.49.1.74], couriertls: accept: error:0A000126:SSL routines::unexpected eof while reading
    Dec 22 15:44:25 ccs.covici.com imapd-ssl[1981705]: Connection, ip=[::ffff:65.49.1.72], port=[20427]
    Dec 22 15:44:25 ccs.covici.com imapd-ssl[1981705]: ip=[::ffff:65.49.1.72], couriertls: read: error:0A000126:SSL routines::unexpected eof while reading
    Dec 22 15:44:25 ccs.covici.com imapd-ssl[1981705]: Disconnected, ip=[::ffff:65.49.1.72], port=[20427], time=0, starttls=1
    Dec 22 15:46:10 ccs.covici.com imapd-ssl[1981705]: Connection, ip=[::ffff:166.84.7.75], port=[64882]
    Dec 22 15:46:10 ccs.covici.com imapd-ssl[1981705]: LOGIN FAILED, method=CRAM-MD5, ip=[::ffff:166.84.7.75], port=[64882]
    Dec 22 15:46:15 ccs.covici.com imapd-ssl[1981705]: LOGIN, user=cell4612, ip=[::ffff:166.84.7.75], port=[64882], protocol=IMAP, starttls=1
    Dec 22 15:46:16 ccs.covici.com imapd-ssl[1981705]: Connection, ip=[::ffff:166.84.7.75], port=[64885]
    Dec 22 15:46:16 ccs.covici.com imapd-ssl[1981705]: LOGIN FAILED, method=CRAM-MD5, ip=[::ffff:166.84.7.75], port=[64885]

    I can always get back to normal by restarting courier-imapd-ssl, but I
    would like not to have to do this -- it happens every day or two.

    Any ideas?

    Thanks in advance for any suggestions.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Matt Jolly@21:1/5 to covici@ccs.covici.com on Mon Dec 23 01:00:02 2024
    Hi,

    It's been a while since I dealt with IMAP, but the SSL errors
    that you're listing here are from the client side.

    On 23/12/24 07:02, covici@ccs.covici.com wrote:
    Dec 22 15:44:10 ccs.covici.com imapd-ssl[1981705]:
    ip=[::ffff:65.49.1.74], couriertls: accept: error:0A000126:SSL routines::unexpected eof while reading
    Dec 22 15:44:25 ccs.covici.com imapd-ssl[1981705]: Connection,
    ip=[::ffff:65.49.1.72], port=[20427]
    Dec 22 15:44:25 ccs.covici.com imapd-ssl[1981705]:
    ip=[::ffff:65.49.1.72], couriertls: read: error:0A000126:SSL routines::unexpected eof while reading

    This is happening because your client is not cleanly closing the
    connection[1].

    In OpenSSL you can set the `SSL_OP_IGNORE_UNEXPECTED_EOF` option
    to pretend that the client cleanly closed the connection. See:

    https://www.openssl.org/docs/man3.1/man3/SSL_set_options.html

    Cheers,

    Matt

    1: https://github.com/openssl/openssl/discussions/22690

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)