Debian Jessie upgrade breaks Thunderbird connection to courier-imap-ssl

After upgrading of my e-mailbox running courier-imap-ssl, I discovered that connecting with Thunderbird just failed.

In /var/log/syslog:

imapd-ssl: couriertls: accept: error:14094417:SSL routines:SSL3_READ_BYTES:sslv3 alert illegal parameter

In Thunderbird, pressing CTRL+SHIFT+J shows the Thunderbird error console. It showed me information that something was wrong with some DH-parameter.

Following: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787579, I generated a new keyfile using:

# export DH_BITS=2048 && mkdhparams

After generating a new “/etc/courier/dhparams.pem” and restarting courier-ssl by executing: /etc/init.d/courier-imap-ssl restart, I still could not connect with Thunderbird…

Then I discovered that in: /etc/courier/imapd-ssl, the parameter TLS_DHPARAMS could be set. I suspected that the pem-file for some reason could not be found by courier-imap-ssl. A bit strange of course, because it had never been a problem, until now.

So I added:

TLS_DHPARAMS=/etc/courier/dhparams.pem

After restarting courier-imap-ssl once again I discovered that this addition indeed solved my problem.

For future convenience I changed the BITS value in /usr/sbin/mkdhparams

from
BITS=768
to
BITS=2048