Upgraded this morning, IMAP stopped working

CentOS Linux 5.11, Virtualmin Pro, ran an upgrade this morning and IMAP stopped working. SMTP and everything else is fine, but I can no longer connect to the IMAP Dovecot server

Status: 
Active

Comments

Howdy -- what problem are you having when attempting to connect via IMAP? Are you receiving an error of some sort? If so, what error are you receiving? Also, do any errors show up in /var/log/maillog?

Was getting error: dovecot: imap-login: Can't set cipher list to 'ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+TLSv1.1:+TLSv1.2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM': error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command

Modified dovecot.conf as follows, now working. Am I screwing my security with this change?

ssl_cipher_list = ALL:!LOW

Ah, I think you were seeing a bug where Virtualmin could attempt to set the Dovecot cipher list to the same as Apache, and that won't always work.

While Jamie mentioned that the issue should be fixed in a future Virtualmin version, what you may want to do for now is to not set a Dovecot cipher, and to instead set this:

ssl_protocols = !SSlv2 !SSLv3

That, without setting ciphers, would be a secure setup.