I work at a K12 school district where we use Zimbra on a server running Ubuntu Hardy. I'm not the primary Zimbra admin but I have root access on the box and have done some work on it from time to time. I use Evolution with IMAP for my email and connect to the server with TLS.

It all works great when I'm at the office or any of our schools, but from home or anywhere else outside the trusted networks I am unable to get a reliable IMAP connection: some operations succeed and others fail. Refreshing a mailbox, saving a draft or sent message, deleting one or more messages: all of those operations seem to arbitrarily succeed or fail, and I haven't yet pinned down the exact failure conditions.

The proxy log is the only one showing any errors, so here's an excerpt from /opt/zimbra/log/nginx.log as I opened Evolution, waited for it to refresh, and closed it again (triggering a trash purge). Assume 1.2.3.4 is my home IP address and example.com is our domain. 192.168.1.55 is the Zimbra server. We only use the one server in production, but we have the proxy active because there's a secondary server which I think we're planning to use for something at some point (not sure what or when).

2010/10/31 15:32:58 [info] 14277#0: *3708354 client 1.2.3.4 connected to 0.0.0.0:143
2010/10/31 15:32:58 [info] 14277#0: *3708354 client logged in, client: 1.2.3.4 using starttls, server: 0.0.0.0:143, login: "rtandy@example.com", upstream: 192.168.1.55:7143, [1.2.3.4:40678-192.168.1.55:143] <=> [192.168.1.55:44265-192.168.1.55:7143]
2010/10/31 15:32:59 [info] 14277#0: *3708354 proxied session done, client: 1.2.3.4 using starttls, server: 0.0.0.0:143, login: "rtandy@example.com", upstream: 192.168.1.55:7143, [0.0.0.0:0-192.168.1.55:143] <=> [192.168.1.55:44265-192.168.1.55:7143]
2010/10/31 15:32:59 [info] 14277#0: *3708354 SSL_write() failed (SSL (32: Broken pipe) while proxying, client: 1.2.3.4 using starttls, server: 0.0.0.0:143, login: "rtandy@example.com", upstream: 192.168.1.55:7143, [0.0.0.0:0-192.168.1.55:143] <=> [0.0.0.0:0-0.0.0.0:0]
2010/10/31 15:32:59 [info] 14277#0: *3708359 client 1.2.3.4 connected to 0.0.0.0:143
2010/10/31 15:32:59 [info] 14277#0: *3708359 SSL_write() failed (SSL (32: Broken pipe) while in auth state, client: 1.2.3.4 using starttls, server: 0.0.0.0:143
2010/10/31 15:32:59 [info] 14277#0: *3708360 client 1.2.3.4 connected to 0.0.0.0:143
2010/10/31 15:32:59 [info] 14277#0: *3708360 client logged in, client: 1.2.3.4 using starttls, server: 0.0.0.0:143, login: "rtandy@example.com", upstream: 192.168.1.55:7143, [1.2.3.4:40680-192.168.1.55:143] <=> [192.168.1.55:44268-192.168.1.55:7143]
2010/10/31 15:33:12 [info] 14277#0: *3708360 proxied session done, client: 1.2.3.4 using starttls, server: 0.0.0.0:143, login: "rtandy@example.com", upstream: 192.168.1.55:7143, [1.2.3.4:40680-192.168.1.55:143] <=> [192.168.1.55:44268-192.168.1.55:7143]
2010/10/31 15:33:12 [info] 14281#0: *3708397 client 1.2.3.4 connected to 0.0.0.0:143
2010/10/31 15:33:12 [info] 14281#0: *3708397 peer closed connection in SSL handshake (104: Connection reset by peer) while in starttls state, client: 1.2.3.4 using starttls, server: 0.0.0.0:143
Thanks in advance for any help!