[GTALUG] War Story: Fedora 33 update silently broke Dovecot (IMAP / POP3 server)

Giles Orr gilesorr at gmail.com
Sun May 9 08:30:23 EDT 2021


On Fri, 7 May 2021 at 22:43, D. Hugh Redelmeier via talk
<talk at gtalug.org> wrote:
>
> Only one of us uses IMAP / POP3.  She stopped being able to pick up mail.
> The message was obscure: Thunderbird reported getting resets from the
> server.
>
> Detective work (leaving out the blind alleys):
>
> Look for funny messages in the server log.  The right command is arcane:
>         $ journalctl -b _SYSTEMD_UNIT=dovecot.service
>
> - -b means "since last boot".  Very handy because the log can go back a
>   long time.
>
> - _SYSTEMD_UNIT=dovecot.service: only messages about dovecot.
>   Such an intuitive form.  It won't work without the .service.
>   It turns out that there is a shortform, -u or --unit=.
>
>
> May 04 14:07:12 redhop-mimosa-com dovecot[977]: config: Warning: please set ssl_dh=</etc/dovecot/dh.pem
> May 04 14:07:12 redhop-mimosa-com dovecot[977]: config: Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem
> May 04 14:07:12 redhop-mimosa-com dovecot[977]: pop3-login: Error: Failed to initialize SSL server context: Can't load DH parameters (ssl_dh setting): error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=192.139.70.95, lip=192.139.70.82, session=<jkGQ8oTBnIDAi0Zf>
> May 04 15:30:28 redhop-mimosa-com dovecot[977]: pop3-login: Error: Failed to initialize SSL server context: Can't load DH parameters (ssl_dh setting): error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=192.139.70.95, lip=192.139.70.82, session=<SWRMHIbBmILAi0Zf>
>
> The first two messages were almost impossible to read because they were in yellow.
>
> It turns out that the first means that you have to edit /etc/dovecot/conf.d/10-ssl.conf
> and change
>         #ssl_dh = </etc/dovecot/dh.pem
> to
>         ssl_dh = </etc/dovecot/dh.pem
>
> /etc/dovecot/dh.pem was already there.
>
> OPTIONAL:
>
> /etc/dovecot/dh.pem specified a really weak Diffie-Hellman group.
> You should probably strengthen it.  I chose ffdhe2048, a weak one (2048 bits) that is still "OK".
> See:
> <https://wiki.mozilla.org/Security/Server_Side_TLS#Pre-defined_DHE_groups>
>
> You need it in PEM format.  First save the old one.  Then grab a new one:
>         curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/dovecot/dh.pem
>
> Then adjust ownership and permissions.

This sent me on a bit of a chase.  Nginx uses a DH parameters file
that's used in the same way.  And it's considered a bad idea to use a
widely known DH parameter (like the one that ships with the software,
or that sits on a Mozilla server).  This is a semi-useful read:
https://security.stackexchange.com/questions/94390/whats-the-purpose-of-dh-parameters.
I say "semi-useful" because honestly some of it was over my head.  And
that leads to reading about Logjam ( https://weakdh.org/ ).

With Ansible I've automated the generation of a new DH parameter file
on each new server:

     openssl dhparam -out <filename> <size>

Generating this file takes a significant amount of time (minutes) if
"size" is reasonably large (2096, although I would recommend 4192)
even on a modern machine.  But it's a one-off for any given machine,
so it's a small imposition that I'd recommend.  If this breaks the
mail setup, you can obviously return to the known value from Mozilla.

-- 
Giles
https://www.gilesorr.com/
gilesorr at gmail.com
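An added example, not code from either message in this thread: a small Python audit of a DH parameter file such as /etc/dovecot/dh.pem. It decodes the PKCS#3 structure (SEQUENCE { INTEGER p, INTEGER g }) with the standard library only, reports the group size, flags anything under 2048 bits (my reading of the floor that produced the "dh key too small" error on Fedora 33; adjust MIN_DH_BITS if your policy differs), and tells you whether p is the public ffdhe2048 group or a locally generated one. The ffdhe2048 prime is transcribed here from RFC 7919 and should be checked against the RFC before you rely on it; the two sample PEM files are constructed inside the script, and the "weak" one is only a size stand-in, not a real DH group.

```python
"""Audit a DH parameter file (added example, not from the thread).

Answers two questions from the discussion: is the group large enough to
pass the "dh key too small" check, and is it the public RFC 7919
ffdhe2048 group rather than a private one from `openssl dhparam`?
"""
import base64
import re

# Assumption: the floor that made OpenSSL on Fedora 33 reject the old group.
MIN_DH_BITS = 2048

# RFC 7919 ffdhe2048 prime, transcribed here; verify against the RFC.
FFDHE2048_P = int("".join("""
FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695
A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A
D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935
984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A
BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4
AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61
9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005
C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 61285C97 FFFFFFFF FFFFFFFF
""".split()), 16)

KNOWN_GROUPS = {FFDHE2048_P: "ffdhe2048"}

PEM_RE = re.compile(
    r"-----BEGIN DH PARAMETERS-----(.*?)-----END DH PARAMETERS-----", re.S)


def _read_tlv(buf, pos):
    """Minimal DER reader: return (tag, contents, position after element)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_dh_pem(pem_text):
    """Return (p, g) from a PKCS#3 'DH PARAMETERS' PEM block."""
    m = PEM_RE.search(pem_text)
    if not m:
        raise ValueError("no DH PARAMETERS block found")
    der = base64.b64decode("".join(m.group(1).split()))
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag_p, p_bytes, pos = _read_tlv(seq, 0)
    tag_g, g_bytes, _ = _read_tlv(seq, pos)
    if tag_p != 0x02 or tag_g != 0x02:
        raise ValueError("expected INTEGER p, INTEGER g")
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def audit_dh_pem(pem_text):
    """Classify the group as too small, public (known) or private."""
    p, g = parse_dh_pem(pem_text)
    bits = p.bit_length()
    if bits < MIN_DH_BITS:
        status = "too small"           # the case that produced 'dh key too small'
    elif p in KNOWN_GROUPS:
        status = "ok (public group)"   # acceptable, but shared with everyone
    else:
        status = "ok (private group)"  # e.g. generated with openssl dhparam
    return {"bits": bits, "generator": g,
            "known_group": KNOWN_GROUPS.get(p), "status": status}


# --- DER encoder, used only to build the constructed samples below ---

def _der_length(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_integer(n):
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")  # keeps a leading 0x00 when needed
    return b"\x02" + _der_length(len(body)) + body


def make_dh_pem(p, g=2):
    """Encode (p, g) as a PEM 'DH PARAMETERS' block, 64 chars per line."""
    der = _der_integer(p) + _der_integer(g)
    der = b"\x30" + _der_length(len(der)) + der
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return ("-----BEGIN DH PARAMETERS-----\n" + "\n".join(lines)
            + "\n-----END DH PARAMETERS-----\n")


# Constructed samples (not files from the thread).
SAMPLE_FFDHE2048_PEM = make_dh_pem(FFDHE2048_P)   # what the Mozilla URL serves
SAMPLE_WEAK_PEM = make_dh_pem((1 << 1023) | 1)    # 1024-bit size stand-in; NOT a real group


def audit_file(path):
    with open(path) as f:
        return audit_dh_pem(f.read())


if __name__ == "__main__":
    import sys
    for name, text in (("ffdhe2048 sample", SAMPLE_FFDHE2048_PEM),
                       ("weak sample", SAMPLE_WEAK_PEM)):
        print(name, audit_dh_pem(text))
    for path in sys.argv[1:]:
        print(path, audit_file(path))
```

Run it as `python3 dh_audit.py /etc/dovecot/dh.pem` (the file name is my choice) and cross-check the size with `openssl dhparam -in /etc/dovecot/dh.pem -text -noout`. On the ownership and permissions the earlier message leaves open: as I understand it, Dovecot reads a `<file` include while loading its configuration as root, so root-owned and mode 0600 is enough for dh.pem; check that a restart shows no "Can't load DH parameters" line in `journalctl -b -u dovecot` before treating it as done.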

