[GTALUG] War Story: Fedora 33 update silently broke Dovecot (IMAP / POP3 server)

Giles Orr gilesorr at gmail.com
Sun May 9 08:34:46 EDT 2021 

On Sun, 9 May 2021 at 08:30, Giles Orr <gilesorr at gmail.com> wrote:
>
> On Fri, 7 May 2021 at 22:43, D. Hugh Redelmeier via talk
> <talk at gtalug.org> wrote:
> >
> > Only one of us uses IMAP / POP3.  She stopped being able to pick up mail.
> > The message was obscure: Thunderbird reported getting resets from the
> > server.
> >
> > Detective work (leaving out the blind alleys):
> >
> > Look for funny messages in the server log.  The right command is arcane:
> >         $ journalctl -b _SYSTEMD_UNIT=dovecot.service
> >
> > - -b means "since last boot".  Very handy because the log can go back a
> >   long time.
> >
> > - _SYSTEMD_UNIT=dovecot.service: only messages about dovecot.
> >   Such an intuitive form.  It won't work without the .service.
> >   It turns out that there is a shortform, -u or --unit=.
> >
> >
> > May 04 14:07:12 redhop-mimosa-com dovecot[977]: config: Warning: please set ssl_dh=</etc/dovecot/dh.pem
> > May 04 14:07:12 redhop-mimosa-com dovecot[977]: config: Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem
> > May 04 14:07:12 redhop-mimosa-com dovecot[977]: pop3-login: Error: Failed to initialize SSL server context: Can't load DH parameters (ssl_dh setting): error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=192.139.70.95, lip=192.139.70.82, session=<jkGQ8oTBnIDAi0Zf>
> > May 04 15:30:28 redhop-mimosa-com dovecot[977]: pop3-login: Error: Failed to initialize SSL server context: Can't load DH parameters (ssl_dh setting): error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=192.139.70.95, lip=192.139.70.82, session=<SWRMHIbBmILAi0Zf>
> >
> > The first two messages were almost impossible to read because the were in yellow.
> >
> > It turns out that the first means that you have to edit /etc/dovecot/conf.d/10-ssl.conf
> > and change
> >         #ssl_dh = </etc/dovecot/dh.pem
> > to
> >         ssl_dh = </etc/dovecot/dh.pem
> >
> > /etc/dovecot/dh.pem was already there.
> >
> > OPTIONAL:
> >
> > /etc/dovecot/dh.pem specified a really weak Diffie-Hellman group.
> > Your should probably strengthen it.  I chose ffdhe2048, a weak one (2048 bits) that is still "OK".
> > See:
> > <https://wiki.mozilla.org/Security/Server_Side_TLS#Pre-defined_DHE_groups>
> >
> > You need it in PEM format.  First save the old one.  Then grab a new one:
> >         curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/dovecot/dh.pem
> >
> > Then adjust ownership and permissions.
>
> This sent me on a bit of a chase.  Nginx uses a DH parameters file
> that's used in the same way.  And it's considered a bad idea to use a
> widely known DH parameter (like the one that ships with the software,
> or that sits on a Mozilla server).  This is a semi-useful read:
> https://security.stackexchange.com/questions/94390/whats-the-purpose-of-dh-parameters.
> I say "semi-useful" because honestly some of it was over my head.  And
> that leads to reading about Logjam ( https://weakdh.org/ ).
>
> With Ansible I've automated the generation of a new DH parameter file
> on each new server:
>
>      openssl dhparam -out <filename> <size>
>
> Generating this file takes a significant amount of time (minutes) if
> "size" is reasonably large (2096, although I would recommend 4192)
> even on a modern machine.  But it's a one-off for any given machine,
> so it's a small imposition that I'd recommend.  If this breaks the
> mail setup, you can obviously return to the known value from Mozilla.

"2096" "4192" ... <facepalm>  They're just numbers, but I did mean to
say "2048" and "4096" as regular power-of-2 numbers ...

-- 
Giles
https://www.gilesorr.com/
gilesorr at gmail.com

More information about the talk mailing list