服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Dovecot SSL:“未知状态”
Intereting Posts
创build活动目录服务器的开放目录副本 如何在/ etc / network / interfaces中更改ifconfig中的interface ip 无链接不起作用 在xen内核缺乏更新与客户操作系统有任何关系? kinit成功,但ads_sasl_spnego_krb5_bind失败:正在进行SASL绑定 如果我不运行虚拟机,是否启用硬件x86虚拟化(AMD-V或英特尔VT-x)会使我的电脑变慢? 命令行相当于按虚拟目录的应用程序名称设置上的删除button CISCO RV042G到网关的网关 – 将WANstream量转发到远程VPN LAN设备 黑莓企业服务器使用简单的pop3帐户吗? 在linux系统上通过命令行创buildvmware虚拟机 在Linux中创buildNTFS符号链接 查找被黑客入侵的服务器如何被黑客入侵 什么是AddType应用程序/ x-httpd-php-source 是否所有支持Layer 3的交换机都能够实现Layer 2? BTRFS-RAID并从EFI系统分区引导

Dovecot SSL:“未知状态”

两周前,我使用Dovecot和Postfixbuild立了一个Mailserver。 这是一个每天大约有5000封邮件的组织的服务器。 一切工作正常,但今天我启用/etc/dovecot/conf.d/10-logging.conf verbose_ssl ,我几乎每个IMAPlogin得到这个错误消息: 

 Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Aug 30 00:13:32 mail dovecot: auth: Debug: auth client connected (pid=20442) Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: unknown state [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully [94.220.159.232] Aug 30 00:13:32 mail dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [94.220.159.232]

我发现只有一个问题与类似的日志条目的计算器,但答案是包括所有中间的证书,我已经做了。

我的/etc/dovecot/conf.d/10-ssl.conf (注释删除): 

 ssl = required ssl_cert = </etc/ssl/certs/my-domain.de ssl_key = </etc/ssl/private/my-domain.de ssl_dh_parameters_length = 2048 ssl_protocols = !SSLv2 !SSLv3 ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_prefer_server_ciphers = yes

有谁知道,在mail.log中这些unknown state条目究竟是什么意思?

这些不是错误消息,而是debugging消息,并清楚地标记为这些。 除非需要verbose_ssl来debugging问题,否则应该closures它。

更多背景:它正在显示SSL握手时所经历的每个状态。 要显示使用来自OpenSSL的函数SSL_state_string_long的状态描述。 该函数没有每个可能状态的string描述,如果没有更具体的描述,则返回“未知状态”。 再次,没有什么可担心的。