Dovecot won't accept IMAP TLS 1 connections from older devices [SOLVED]
I've spent days scouring the Internet and trying various solutions on a problem with my Dovecot installation, so I thought I'd share what I learned in hopes of saving other people a lot of time. The dedicated Dovecot hands will know all of the following already. This is for those of us that have to cover a lot of bases.
I upgraded my mail server from Ubuntu 18.04.1 to Ubuntu 20.04.1, and found that older Mac-books and iPads (and probably other devices) could no longer establish IMAP connections to Dovecot. Dovecot logged:
SSL routines:tls_early_post_process_client_hello:unsupported protocol
and TCP/IP traces showed that it dropped the connection after the client's initial HELLO. I tested what kinds of connections Dovecot would accept with (for example):
openssl s_client -tls1_1 -connect localhost:993 # Test whether TLSv1.1 is accepted - received "unsupported protocol" message.
Searching showed that Dovecot has a parameter "ssl_min_protocol", which is documented as defaulting to TLSv1. Nevertheless I explicitly set it to TLSv1 with no effect. This was a red herring. I spent a long time looking to see if Dovecot had a bug in handling this newish parameter, etc.
Eventually I came across one posting regarding a web server, that told me the OpenSSL libraries that Dovecot and lots of other packages use has a single configuration file for the entire system. In Ubuntu 20.04 it defaults to requiring TLSv1.2 or above. Changing the configuration for OpenSSL affects everything on the system using the library. I changed the file, restarted Dovecot, and it immediately accepted TLSv1 connections.
Obviously I'd prefer to maintain the improved security of TLSv1.2, but in my case it was better to continue providing mail service at a lower security level than to deny service to some users until they upgraded their personal devices. You'll need to make your on decision on that score.
The file to change is (on Ubuntu, at least) /usr/lib/ssl/openssl.cnf. The change consists of adding a line of code in the initial section that invokes several new sections later:
In the initial section I added:
openssl_conf = default_conf
Then at the bottom of the file I added:
[default_conf] ssl_conf = ssl_sect
[ssl_sect] system_default = system_default_sect
[system_default_sect] MinProtocol = TLSv1 CipherString = DEFAULT@SECLEVEL=1
There is an alternative approach that I have read of but not tested. Basically you can create a new file elsewhere with the customized content, and then set an environmental variable (OPENSSL_CONF) just before launching Dovecot that points to your new file. This way, only Dovecot is using downgraded security. Since my mail server is a dedicated system and I didn't want to muck with the Dovecot start-up environment, I didn't feel the need to go that route.
So all my digging into why Dovecot wouldn't accept TLSv1 connections and how to change it were completely on the wrong path. It would be nice if Dovecot could log a message when its ssl_min_protocol is set lower than what OpenSSL will accept, but Dovecot may not be able to tell what OpenSSL is doing. In any case, those are the symptoms, the real problem, and how to fix it. Good luck, and thanks to Matt Caswell for posting the answer that I eventually found.
Ref: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-se...
On 16/10/2020 07:18 Brian Martin bmartin@silverflash.net wrote:
I've spent days scouring the Internet and trying various solutions on a problem with my Dovecot installation, so I thought I'd share what I learned in hopes of saving other people a lot of time. The dedicated Dovecot hands will know all of the following already. This is for those of us that have to cover a lot of bases.
I upgraded my mail server from Ubuntu 18.04.1 to Ubuntu 20.04.1, and found that older Mac-books and iPads (and probably other devices) could no longer establish IMAP connections to Dovecot. Dovecot logged:
SSL routines:tls_early_post_process_client_hello:unsupported protocol
and TCP/IP traces showed that it dropped the connection after the client's initial HELLO. I tested what kinds of connections Dovecot would accept with (for example):
openssl s_client -tls1_1 -connect localhost:993 # Test whether TLSv1.1 is accepted - received "unsupported protocol" message.
Searching showed that Dovecot has a parameter "ssl_min_protocol", which is documented as defaulting to TLSv1. Nevertheless I explicitly set it to TLSv1 with no effect. This was a red herring. I spent a long time looking to see if Dovecot had a bug in handling this newish parameter, etc.
Eventually I came across one posting regarding a web server, that told me the OpenSSL libraries that Dovecot and lots of other packages use has a single configuration file for the entire system. In Ubuntu 20.04 it defaults to requiring TLSv1.2 or above. Changing the configuration for OpenSSL affects everything on the system using the library. I changed the file, restarted Dovecot, and it immediately accepted TLSv1 connections.
Obviously I'd prefer to maintain the improved security of TLSv1.2, but in my case it was better to continue providing mail service at a lower security level than to deny service to some users until they upgraded their personal devices. You'll need to make your on decision on that score.
The file to change is (on Ubuntu, at least) /usr/lib/ssl/openssl.cnf. The change consists of adding a line of code in the initial section that invokes several new sections later:
In the initial section I added:
openssl_conf = default_conf
Then at the bottom of the file I added:
[default_conf] ssl_conf = ssl_sect
[ssl_sect] system_default = system_default_sect
[system_default_sect] MinProtocol = TLSv1 CipherString = DEFAULT@SECLEVEL=1
There is an alternative approach that I have read of but not tested. Basically you can create a new file elsewhere with the customized content, and then set an environmental variable (OPENSSL_CONF) just before launching Dovecot that points to your new file. This way, only Dovecot is using downgraded security. Since my mail server is a dedicated system and I didn't want to muck with the Dovecot start-up environment, I didn't feel the need to go that route.
So all my digging into why Dovecot wouldn't accept TLSv1 connections and how to change it were completely on the wrong path. It would be nice if Dovecot could log a message when its ssl_min_protocol is set lower than what OpenSSL will accept, but Dovecot may not be able to tell what OpenSSL is doing. In any case, those are the symptoms, the real problem, and how to fix it. Good luck, and thanks to Matt Caswell for posting the answer that I eventually found.
Ref: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-se...
Yeah. This is a known issue, and we have a ticket about allowing configuring the minimum accepted level on dovecot. It has not been done yet, though.
Thank you for the workaround.
Aki
On 15 Oct 2020, at 22:18, Brian Martin bmartin@silverflash.net wrote:
Eventually I came across one posting regarding a web server, that told me the OpenSSL libraries that Dovecot and lots of other packages use has a single configuration file for the entire system. In Ubuntu 20.04 it defaults to requiring TLSv1.2 or above. Changing the configuration for OpenSSL affects everything on the system using the library. I changed the file, restarted Dovecot, and it immediately accepted TLSv1 connections.
I believe current versions of OpenSSL have removed support for TLSv1 and TLSv1.1, so is your OpenSSL up-to-date?
The recommendation on this is clear, BTW:
https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html#rfc.s...
"TLSv1.0 MUST NOT be used. Negotiation of TLSv1.0 from any version of TLS MUST NOT be permitted."
…
"TLSv1.1 MUST NOT be used. Negotiation of TLSv1.1 from any version of TLS MUST NOT be permitted."
I removed support for TLSv1.1 quite some time ago (and T:Sv1.0 some time before that). People with older clients can use the webmail or their mobile devices, if their browser supports TLSv1.2 or TLSv1.3. I did have one Mac user who refused to upgrade his OS though his device supported it, but then was forced to in order to connect his iPhone, if I recall correctly.
Not sure what browsers support TLS 1.0 or 1.1 anymore, but I do know Google Chrome and Firefox dropped support some months back, though they might have rolled it back temporarily since so many government sites were not updated in the midst of the pandemic. (Not sure about this, but it seems I read something along these lines. I have no way of verifying as I moved everything off TLS1.1 and lower quite a while back.)
Anyone on a machine that will not support TLSv1.2 or TLSv1.3 is going to be having a very limited experience with the entirety of the Internet, not just with mail.
-- If you must choose between two evils, pick the one you've never tried before.
participants (3)
-
@lbutlr
-
Aki Tuomi
-
Brian Martin