On 29/11/2020 22:31 Christy S christys1075@gmail.com wrote:
Hi folks,
I'm stumped on an error we're getting in dovecot after upgrading ubuntu. I will say up front that I'm far from a linux expert. I'm helping my husband by managing a virtual private server to handle his domain, including its email. We set this up two years ago and once I finally got the mail working, it's been humming along just fine since, until two days ago when I performed the ubuntu upgrade. Now, when we try to send mail through his domain thunderbird gives this error:
Your message was sent but a copy was not placed in your sent folder (Sent) due to network or file access errors.
Note that it says this, but the mail isn't actually sent at all. We are using SSL and have been since the beginning which might be part of our problem, but I'm not positive.
A google search suggested adding two lines to the 10-ssl.conf file.
ssl_dh =
I did both of these things and restarted the server completely, but no luck. looking in /var/log/mail.err I see this.
Nov 29 14:08:56 kylesmith-music dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load SSL cert ificate: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small: user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, session=<t4qrdkS1kPNLFhL4> What's interesting is that last line only showed up after I added the two lines to the config file.
My guess is I need to do something with SSL, update it maybe? But I don't want to go fiddling around purely on a guess and potentially break things even more. So, any of you much more linux familiar types want to point me in the right direction? Thanks!
Christy
Your DH parameters are too weak. You should generate at least 2048 byte parameters.
Aki