Somehow, KMail has lost the ability to talk to my IMAP server, which is a dovecot server, version 1:2.2.27-3ubuntu1.4 on Ubuntu Artful The connection is set up as an SSL connection on port 993. On the local console I see: org.kde.pim.kimap: Connection to server lost 9 org.kde.pim.imapresource: Session login cancelled org.kde.pim.kimap: Connection to server lost 9 org.kde.pim.imapresource: Session login cancelled many times over. In the log on the server I see Oct 23 22:44:02 ida dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=XXXX, lip=XXXX, TLS handshaking: Disconnected, session=<KQkMbut4kN9UkUxx> both repeating themselves endlessly until I kill kmail The same setup works find in Thunderbird, K-9 Mail, Evolution and did word find with Kmail until recently. SOFTWARE VERSIONS (available in About System) KDE Plasma Version: 5.49.0 KDE Frameworks Version: 5.49.0 Qt Version: Qt 5.11.2 (kompiliert gegen 5.11.2)
One observation: As soon as I click to remove the affected IMAP account from KMail, I see a prompt for the IMAP password pop up, but it instantly goes away again. This is reproducible.
Just checked the server's SSL cert. It is valid.
Having the same problem here
(In reply to Pedro Celestino Reis Rodrigues from comment #3) > Having the same problem here However, I am experiencing a mixed behavior, the conection to my institutional server does not work but conection to hotmail still works.
In my case the problem, and the solution are explained here https://lists.debian.org/debian-kde/2018/11/msg00001.html
I know the source of the problem is not in either kmail or akonadi, but their behavior could be made more friendly. A popup error message stating that ssl authentication is not possible would be good. Adding the information that the key server version is too old would be perfect.
Hi there, I have a strong suspicion that this is SSL related, I've found that this does not work: openssl s_client -connect example.com:993 [...] 139765775537472:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2149: [...] but this does (found here: https://imlc.me/dh-key-too-small ): openssl s_client -connect example.com:993 --cipher 'DEFAULT:!DH' Now the received wisdom is that this is because of OpenSSL configuration and you can fix it by adding this to /etc/ssl/openssl.cnf: [system_default_sect] MinProtocol = TLSv1.2 CipherString = DEFAULT@SECLEVEL=2 However, that does not seem to work, either for the OpenSSL command line or for Akonadi. All the best, Chris
Apologies, I had two bugs open in adjacent tabs and updated this instead of https://bugs.kde.org/show_bug.cgi?id=419782 (I strongly suspect it's a duplicate of this).
The solution (for me) under Kubuntu 20.04 was to modify /etc/ssl/openssl.cnf after the line: oid_section = new_oids by adding: openssl_conf = default_conf [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] MinProtocol = TLSv1.2 CipherString = DEFAULT@SECLEVEL=1
Looks like a server issue requiring an old or incompatible crypto algos, which is beyond KDE PIM, sorry.