Articles in this section

Mail Clients are no longer able to use encrypted password authentication type after update to Plesk Obsidian 18.0.73

Vincent Lauton
Updated
Plesk for Linux kb: technical

Applicable to:

  • Plesk for Linux

Symptoms

  • Plesk was recently updated to versions 18.0.73, Dovecot updated to version 2.4:

    # plesk -v
    Product version: Plesk Obsidian 18.0.73.0 
    OS version: AlmaLinux 9.6 x86_64 
    Build date: 2025/10/02 10:00

    # dovecot --version
    2.4.1-4 (7d8c0e5759)

  • Mail Clients, such as Thunderbird, receive the following error when attempting to log into a mailbox using "Encrypted Password" option:

  • When checking IMAP/SMTP server capabilities, no MD5 auth methods are advertised:

    # openssl s_client -connect 203.0.113.2:993

    OK [CAPABILITY IMAP4rev1 LOGIN-REFERRALS ID ENABLE IDLE SASL-IR LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready. 
    # openssl s_client -connect 203.1.113.2:465 -crlf 
    250-AUTH PLAIN LOGIN

  • Non-descriptive lines are being logged in /var/log/maillog, even with Dovecot Debug enabled:

    # dovecot[24549]: auth: Debug: Loading modules from directory: /usr/libexec/dovecot/modules/auth
    dovecot[24549]: auth: Debug: Loading modules from directory: /usr/libexec/dovecot/modules/auth 
    dovecot[24549]: auth: Debug: Module loaded: /usr/libexec/dovecot/modules/auth/libauthdb_plesk.so dovecot[24549]: auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat 
    dovecot[24549]: auth: Warning: Weak password schemes are allowed 
    dovecot[24549]: auth: Debug: conn unix:login (pid=24580,uid=991) [1]: Server accepted connection (fd=18) 
    dovecot[24549]: auth: Debug: conn unix:login (pid=24580,uid=991) [1]: auth client connected (pid=24580) 
    dovecot[24549]: imap-login: Login aborted: Connection closed (no auth attempts in 0 secs (no_auth_attempts): user=<>, rip=203.0.113.3, lip=203.0.113.2, TLS, session=<94tUujpAK88KQzTS> auth: Debug: conn unix:login (pid=24580,uid=991) [1]: Disconnected: Connection closed (fd=18)

Cause

Product issue:

  • PPPM-15147: "After updating to Plesk Obsidian 18.0.73, Thunderbird could not send or receive emails when “Encrypted Password” was selected in the email client settings"

Fixed in:

Resolution

Update Plesk to the latest version:

How to install Plesk updates

Workaround

If for any reason updating Plesk is not possible, apply the following steps to restore MD5 auth mechanisms for Postfix/Dovecot:

  1. Connect to server via SSH

  2. Edit /etc/dovecot/dovecot.conf file:

    auth_mechanisms = plain login digest-md5 cram-md5 apop
    auth_allow_weak_schemes = yes

  3. Restart Dovecot service:

    # systemctl restart dovecot

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.