We’re using nginx to proxy imap connections across a number of backends.
All was fine until we introduced a new backend server running dovecot
and discovered that we were (apparently) randomly seeing an ‘internal
server error’ while trying to authenticate.
The trigger for this problem seems to be dovecot sometimes returning the
“* OK Waiting for authentication process to respond…”
“+ OK” to the login command.
Section 2.2.1 of rfc3501 states
It is also possible for the server to send a completion
response for some other command (if multiple commands are
in progress), or untagged data. In either case, the
command continuation request is still pending; the client
takes the appropriate action for the response, and reads
another response from the server.
so it looks like nginx is incorrectly terminating the connection because
it read data that it didn’t expect.
Has anybody else come across a similar situation and found a way to
resolve the problem?
I guess that it should be fairly trivial to just read and ignore lines
from the server until we find a line starting with the expected tag. I’m
not too familiar with nginx however so I’d be very happy if anyone has a
better fix to suggest before I look into doing that