Passwords with % in them weren't working since certificate upgrade, fixed now
A while back we upgraded nginx, the frontend proxy software that accepts all Web, IMAP and POP connections and proxies them to the users correct backend server. At the time we upgraded, it appears we did restart the web portion of the software, but not the part that proxies the IMAP and POP connections, so it was running the old version of the software still.
When upgrading the SSL certificate yesterday, we restarted both the web and POP/IMAP parts of nginx. During the restart it used the new upgraded versions of the software. Unfortunately it turns out the new software had an incompatible change that meant that anyone using a % in their password would not have been able to login.
We've now fixed up the appropriate bits of software to make them compatible again so all logins should be working again.