similar to: errors in mail.err related with ssl

Thank you. Can I do something with this? 2018-11-05 9:11 GMT+01:00 Aki Tuomi <aki.tuomi at open-xchange.com>: > > On 5.11.2018 10.05, Poliman - Serwis wrote: > > Hi. I have in mail.err file lines like below: > > Nov 5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request > > Nov 5 08:40:00 s1

What kind of test are you running? Aki > On April 27, 2017 at 12:00 PM Poliman - Serwis <serwis at poliman.pl> wrote: > > > I turned of ssl_cipher_list in dovecot.conf file (so it's default) but test > still gives errors: > Apr 27 08:55:06 serwer-1 dovecot: pop3-login: Error: SSL: Stacked error: > error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown

Cipher list which You post provide better compatibility or security than those which I currently have? On older software version these cipher list works well and not generate any errors when I run Internal PCI scan test from https://cloud.tenable.com for another server. But for new server with newer software during test I got errors in mail.err. 2017-04-27 10:00 GMT+02:00 Aki Tuomi <aki.tuomi

Hi, To default dovecot.conf file I added (based on found documentation): ssl = required disable_plaintext_auth = yes #change default 'no' to 'yes' ssl_prefer_server_ciphers = yes ssl_options = no_compression ssl_dh_parameters_length = 2048 ssl_cipher_list =

Thank You for answers. But: 1. How should be properly configured ssl_cipher_list? 2. Ok, removed !TLSv1 !TLSv1.1. 3. Strange thing with ssl_protocols and ssl_cipher_list, because on older server on Ubuntu 14.04 LTS, dovecot 2.2.9 and postfix 2.11.0 these two lines looks exactly this same and no errors in mail.err file and mailes works without any problem. 4. No, currently I don't use LMTP.

On 5.11.2018 10.05, Poliman - Serwis wrote: > Hi. I have in mail.err file lines like below: > Nov 5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request > Nov 5 08:40:00 s1 dovecot: imap-login: Error: SSL: Stacked error: error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number > Nov 5 08:40:05 s1

You could try ignoring it. Aki On 5.11.2018 10.13, Poliman - Serwis wrote: > Thank you. Can I do something with this? > > 2018-11-05 9:11 GMT+01:00 Aki Tuomi <aki.tuomi at open-xchange.com > <mailto:aki.tuomi at open-xchange.com>>: > > > On 5.11.2018 10.05, Poliman - Serwis wrote: >> Hi. I have in mail.err file lines like below: >> Nov 5

Internal PCI Scan on Tenable.io website. Of course after register account. 2017-04-30 9:11 GMT+02:00 Aki Tuomi <aki.tuomi at dovecot.fi>: > What kind of test are you running? > > Aki > > > On April 27, 2017 at 12:00 PM Poliman - Serwis <serwis at poliman.pl> > wrote: > > > > > > I turned of ssl_cipher_list in dovecot.conf file (so it's

I turned of ssl_cipher_list in dovecot.conf file (so it's default) but test still gives errors: Apr 27 08:55:06 serwer-1 dovecot: pop3-login: Error: SSL: Stacked error: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol Apr 27 08:55:06 serwer-1 dovecot: pop3-login: Error: SSL: Stacked error: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol Apr 27 08:55:07

Hi I have configured one line in postfix main.cf (after configure each line I check /var/log/mail.err): smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem After setup above line I have error in above log file (these 4 lines looped): Apr 25 14:08:09 serwer-1 dovecot: imap-login: Error: SSL: Stacked error: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol Apr 25 14:08:09

Hi, I've noticed that nmap crashes my imap-login (also pop3-login) and narrowed it down to `nmap -sV -p 993 $host`. I've noticed that if I remove "ssl_protocols = !SSLv2 !SSLv3" from my config or enable SSLv3 rather than disabling it the segfault disappears. I'm running on Arch Linux with dovecot 2.2.16-1 and openssl 1.0.2.a-1. I've also attached a network capture, but

On 02/29/2016 05:33 AM, C. L. Martinez wrote: > More info in my ssl_error.log: > > Mon Feb 29 14:32:06 2016] [info] [client 10.64.118.59] SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page > [Mon Feb 29 14:32:06 2016] [info] SSL Library Error: 336027804 error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request speaking HTTP to HTTPS port!? Well, that

Ok, I will try to do this but should I do some backup of INBOX earlier? 2018-11-02 20:21 GMT+01:00 Sami Ketola <sami.ketola at dovecot.fi>: > > > On 2 Nov 2018, at 20.58, Poliman - Serwis <serwis at poliman.pl> wrote: > > I have a problem for specific mailbox. In mail.err file I see a lot: > > Nov 2 07:41:17 s1 dovecot: imap(artur at example.pl): Error:

Based on this you are not using SIS, so I wonder if those are some old emails when you were using SIS? Can you provide an example corpus of such mail? You can use e.g. https://www.dovecot.org/tools/dbox-anonymize.pl https://www.dovecot.org/tools/maildir-obfuscate.pl https://www.dovecot.org/tools/mbox-anonymize.pl https://www.dovecot.org/tools/mdbox-obfuscate.pl to obfuscate the mail. Aki On

> On April 27, 2017 at 10:55 AM Poliman - Serwis <serwis at poliman.pl> wrote: > > > Thank You for answers. But: > 1. How should be properly configured ssl_cipher_list? ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH To disable non-EC DH, use: ssl_cipher_list =

> On April 27, 2017 at 8:12 AM Poliman - Serwis <serwis at poliman.pl> wrote: > > > Hi, > To default dovecot.conf file I added (based on found documentation): > ssl = required > disable_plaintext_auth = yes #change default 'no' to 'yes' > ssl_prefer_server_ciphers = yes > ssl_options = no_compression > ssl_dh_parameters_length = 2048 >

Connecting to dovecot with ssl3 causes imap-login to die: $ openssl s_client -connect localhost:993 -ssl3 CONNECTED(00000003) 4277630796:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1461:SSL alert number 40 4277630796:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:645: --- no peer certificate available --- No client certificate

Sorry, I have checked before I wrote first post. Based on docs - the path should be in /etc/dovecot/dovecot.conf or /etc/dovecot/conf.d/10-mail.conf (I have Ubuntu 16.04 LTS). I have some familiar lines in 10-mail.conf: #mail_attachment_dir = #mail_attachment_min_size = 128k #mail_attachment_fs = sis posix #mail_attachment_hash = %{sha1} but all these lines are commented out. So - in theory -

On 20/8/2015 10:35 ??, Tim Groeneveld wrote: > # This is a list of trusted networks... ips are seperated by ", " > # default, empty > haproxy_trusted_networks = 10.1.2.0/24, 10.2.1.0/24 > > # This is the timeout... in seconds. > # default, 3 > # haproxy_timeout = 3 > > # modify your inet listener's to include haproxy=yes > inet_listener { >

hello, and some update short version: the error is still there, but I have some more data to share, thanks in advance for further advice first, I am using Mutt 1.10.1 (2018-07-13) as mail client, so it is not an obsolete version. second... at the moment I can send email through postfix on the same server, with the same certificates (almost: I still have to fix some stuff, but is NOT related to