Bug 420474

Summary: Can't connect to receiving imap server
Product: [Applications] kmail2 Reporter: Papadakos Panagiotis <papadako>
Component: generalAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED FIXED    
Severity: normal CC: mail
Priority: NOR    
Version: 5.13.3   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Papadakos Panagiotis 2020-04-23 18:19:48 UTC 
SUMMARY

Can't connect to the imap server in my institute for receiving my emails. I get messages like org.kde.pim.kimap: Connection to server lost  QAbstractSocket::SocketError(13)

The admins say that the client is making a lot of requests to the server that why it is blocked. On the other hand I can send emails to the server.

This has been happening for some months now after some upgrade. Currently I am using Kubuntu 20.04. There is no problem with thunderbird though.


STEPS TO REPRODUCE
1. Try to sync with my server
2. 
3. 

OBSERVED RESULT
A number of the following messages appear if I run akonadi from the  konsole
org.kde.pim.kimap: Connection to server lost  QAbstractSocket::SocketError(13)

EXPECTED RESULT



SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: Kubuntu 20.04
(available in About System)
KDE Plasma Version: 5.18.4
KDE Frameworks Version: 5.68.0
Qt Version: 

ADDITIONAL INFORMATION
Comment 1 Damian 2020-06-27 19:46:10 UTC 
I am affected by this bug too. The file .xsession-errors show a stream of messages like the one mentioned (org.kde.pim.kimap: Connection to server lost  QAbstractSocket::SocketError(13)), and the UI reports thet the connection was not successful (only once).

I was working with Kubuntu 19.10, but once I installed Kubuntu 20.04 it does not work anymore. I have installed the KDE backports PPA but there is no update to Akonadi/KMail, so the problem is not solved.

Debugging the connection with Wireshark I have observed that the TLS handshake stops at "Server Hello Done", no "Client Key Exhange" step ever happens, as can be seen in [1].

And as the OP said, the account can be successfully configured with Thunderbird.

[1]: https://www.thesslstore.com/blog/explaining-ssl-handshake/#the-tls-12-handshake-step-by-step
Comment 2 Papadakos Panagiotis 2020-06-28 18:10:47 UTC 
Hi Damian,

can you send emails using the problematic account? In my case, the problem appears only while receiving emails.
Comment 3 Damian 2020-07-09 20:49:28 UTC 
Hi Panagiotis, sorry for the late response but I didn't see your reply.

I've found the root of the problem. I configured the outgoing mail server to try and send a message but it failed again with the same symptoms in Wireshark, only that this time I had an error pop-up with the following error code from OpenSSL: "141A318A:SSL routines:tls_process_ske_dhe:dh key too small".

I turned to Google and the first answer was [1] which explained that on 20.04 the minimum security level on OpenSSL was raised, thus the error message.

I followed the suggestions in the answer and now I'm able to send and receive, so it's not really a problem with KMail, but with the default configuration of the OpenSSL library in Ubuntu 20.04.

1: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
Comment 4 Papadakos Panagiotis 2020-07-14 12:20:46 UTC 
Damian, thank you for the input!

I was able to resolve the issue, so I am closing the bug!

Best regards
Panagiotis