POP3 + SSL problem after upgrade to ZCS 7.1

[Labsy]

Hi,
after upgrading my ZCS 7.0.2 to 7.1 users have problems connecting to server using POP3+SSL (port 995). They all get the same error:

Your server does not support encryption type you have specified.

I did not mess with (valid) SSL certificate after ZCS upgrade, and also SSL is valid and shows properly in admin console. POP3 service is running.
Plain-text POP3 via port 110 works without problems.

When testing with telnet to port 995, instead of blank reply, I get a bunch of smileys:
§♥☺☻☺

Connection to host lost.

Any idea?
Anybody else with same problems?

[Labsy]

UPDATE:
Found almost 100 connections to POP3S port 995 from 1 single IP, like:

Code:

tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51234 ESTABLISHED
tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51235 ESTABLISHED
tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51236 ESTABLISHED
tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51237 ESTABLISHED
tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51238 ESTABLISHED
tcp6    0    0    zimbra.server.com:pop3s 1.2.3.4%187:51239 ESTABLISHED
...

As I cannot change default 100 pop3 connections limit without restart, I tried to block this IP on firewall level, but since connections are ESTABLISHED, firewall cannot kill them.

So next I try to kill those sessions:

Code:

tcpkill host 1.2.3.4

But no connections were killed, stuck with

Code:

tcpkill: listening on eth0 [host 1.2.3.4]

Anyways, seems like I found problem source.

[Labsy]

Actually...considering circumstances, this could also be Zimbra vulnerability, since an attacker can open multiple POP3 connections to server, rendering it unavailable for all other users.