In my setup I have Postfix and Dovecot and since if you want them to be secure, plesk's out-of-the-box setup of both is not sufficient so I was into tweaking/hardening them.
My system is Debian 7, all the upgrades that plesk allowed me are done. For mail, I only used what Plesk suggested me. Meaning I have no supplementart dovecot packages installed.
I have added postscreen, spf, dkim checks. Enabled greylisting, disabled all ssl but v1.2, modified the ciphers list, enabled and encouraged ssl etc.
Now all I have left to do is implementing virus scans for incoming and outgoing mails.
Or so I thought.
Yesterday I had to spend a lot of time to figure out why my dovecot server was constantly crashing.
The thing is dovecot was getting Killed with signal 15 minutes after starting. For no apparent reason.
I enabled all debug parameters but couldn't find anything solid. Google didn't help much either.
I had to disable /enable all my conf get line by line in order to find the culprit.
Then I finally got it. When I disabled "service imap|pop3-login" the crashes stopped.
The corrresponding dovecot log from the start of the server till the error (~2minutes)
Is attached with the Users/IP's replaced.
Now I am pretty sure that IF I try to disable non-secure pop3 and imap ports with a command like:
dovecot will crash.
My dovecot.conf is also attached
So, either there's a bug with the dovecot packaged with Plesk or that I'm stuck with port 110 and 143.
Can anybody confirm this is not just me?
My system is Debian 7, all the upgrades that plesk allowed me are done. For mail, I only used what Plesk suggested me. Meaning I have no supplementart dovecot packages installed.
I have added postscreen, spf, dkim checks. Enabled greylisting, disabled all ssl but v1.2, modified the ciphers list, enabled and encouraged ssl etc.
Now all I have left to do is implementing virus scans for incoming and outgoing mails.
Or so I thought.
Yesterday I had to spend a lot of time to figure out why my dovecot server was constantly crashing.
The thing is dovecot was getting Killed with signal 15 minutes after starting. For no apparent reason.
I enabled all debug parameters but couldn't find anything solid. Google didn't help much either.
I had to disable /enable all my conf get line by line in order to find the culprit.
Then I finally got it. When I disabled "service imap|pop3-login" the crashes stopped.
The corrresponding dovecot log from the start of the server till the error (~2minutes)
Is attached with the Users/IP's replaced.
Now I am pretty sure that IF I try to disable non-secure pop3 and imap ports with a command like:
Code:
inet_listener pop3 {
port = 0
}
dovecot will crash.
My dovecot.conf is also attached
So, either there's a bug with the dovecot packaged with Plesk or that I'm stuck with port 110 and 143.
Can anybody confirm this is not just me?