similar to: Apple Mail Since upgrade to dovecot 2.3.x unable to connect

|Dear all,| |a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, thereby upgrading dovecot from 2.2.x to 2.3.x. | |Since then, some older versions of apple's mail.app (bundled with el Capitano, released in 2016) no longer connect. When I turn on SSL debugging, I see:| |Debug: SSL error: SSL_accept() failed: error:14209102:SSL

> On 17/08/2020 12:51 Johannes Rohr <jorohr at gmail.com> wrote: > > > |Dear all,| > > |a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, > thereby upgrading dovecot from 2.2.x to 2.3.x. > | > > |Since then, some older versions of apple's mail.app (bundled with el > Capitano, released in 2016) no longer connect. When I turn on

I have an operational need to disable TLSv1.3 due to inadequate support to exclude certain ciphers. Much to my dismay, the `ssl_protocols` had been renamed and re-functionalized into `ssl_min_protocol`. Now, there is no way to exclude a specific group of one or more TLS versions. For a new bug report, I think we need two new settings: * `ssl_tls13_ciphersuite` and * `ssl_tls10_cipher`

I have an operational need to disable TLSv1.3 due to inadequate support to exclude certain ciphers. Much to my dismay, the `ssl_protocols` had been renamed and re-functionalized into `ssl_min_protocol`. Now, there is no way to exclude a specific group of one or more TLS versions. For a new bug report, I think we need two new settings: * `ssl_tls13_ciphersuite` and * `ssl_tls10_cipher`

Hello! On my testserver running CentOS8 I have installed dovecot v2.3.8. I can connect to the server using claws-mail on my PC but can't using K9-mail on android device. Jul 18 12:24:57 imap-login: Debug: SSL: where=0x10, ret=1: before SSL initialization Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization Jul 18 12:24:57 imap-login: Debug: SSL:

Hi, I can no longer connect to Dovecot (IMAP). The connection is terminated by Dovecot after Client Helo. My server: Dovecot 2.3.3 Debian buster/sid Architecture: ppc My problems started in late August after upgrading Dovecot. SSL settings: ssl_dh = </etc/ssl/dh2048.pem ssl_min_protocol = TLSv1.2 ssl_cipher_list =

Also, more testimony to the same problem (by others) is posted over at ServerFault (StackOverflow): https://serverfault.com/questions/975871/forcing-dovecot-2-3-4-1-to-use-tlsv1-2 On 5/8/20 11:50 AM, Steve Egbert wrote: > I have an operational need to disable TLSv1.3 due to inadequate support > to exclude certain ciphers. > > Much to my dismay, the `ssl_protocols` had been

On 08 May 2020, at 09:43, Steve Egbert <s.egbert at sbcglobal.net> wrote: > I have an operational need to disable TLSv1.3 due to inadequate support to exclude certain ciphers. There is no need to disable TLSv1.3 and attempts to do so will be flagged as ?downgrade attacks?. > Much to my dismay, the `ssl_protocols` had been renamed and re-functionalized into `ssl_min_protocol`. >

Hi, I am having some issues with a new server install in Singapore. Outbound calls work fine. Inbound calls are not picked up by Asterisk. Zaptel 1.2.25 and Asterisk 1.2.28 both built from source. libpri installed wctdm and zaptel load without error Jun 6 23:34:03 fs01 kernel: [211138.372933] Zapata Telephony Interface Registered on major 196 Jun 6 23:34:03 fs01 kernel: [211138.372937]

Am 17.08.20 um 12:16 schrieb Aki Tuomi: > You need to set > > ssl_min_protocol = TLSv1.2 # or TLSv1 Thanks, tried both, but unsuccessfully. Again, is there any debug setting that allows me to see what SSL version was requested? Without this, this is fumbling in the dark. Cheers, Johannes -------------- next part -------------- A non-text attachment was scrubbed... Name:

I've spent days scouring the Internet and trying various solutions on a problem with my Dovecot installation, so I thought I'd share what I learned in hopes of saving other people a lot of time.? The dedicated Dovecot hands will know all of the following already.? This is for those of us that have to cover a lot of bases. I upgraded my mail server from Ubuntu 18.04.1 to Ubuntu

Package: xen-hypervisor-3.2-1-i386 Version: 3.2.0-2 Severity: normal I'm afraid this bug report will be somewhat unspecific. Please let me know what I need to do in order to extract more useful information out of xen. I have done the following to install xen: installed xen-hypervisor-3.2-1-i386, xen-utils-3.2-1, linux-image-2.6.23-1-xen-686 fixed /usr/sbin/update-grub (see bug #455706)

We recently upgraded from dovecot 2.2 to 2.3.7.1-1 Not many, but some users are experiencing difficulties. The dovecot directors log: Aug 21 14:28:49 director01 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=redacted, lip=10.0.0.120, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher,

Hi, Have anyone else experienced problems using Dovecot with the mail app in beta releases of iOS/iPadOS 13? TLS is failing for my, it have worked fine for years and I am on the latest Dovecot version now, it works fine with older clients but not with the ones upgraded: Sep 04 19:49:16 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug:

Hi, I using openldap 2.0.23 and samba 2.2.4 on a Redhat 7.2 Linux distrib. I've compiled with ldap support dans It works fine in clear mode. I've configured unix auth. in order to use ldap on TLS mode, and it works also. When I try to use TLS more (or SSL on 636), it doesn't work. LDAP doesn't seem to have an error (see logs below), but samba tells "Failed to issue the

hey friends, I am trying to secure my mail server.I have enabled TLS support in postfix(version postfix-2.1.5), now I am trying to configure squirrelmail(version 1.4.4-1 rpm) for tls/ssl support.In config.php i have choosen use_imap_tls=true and use_smpt_tls=true. Moreover If I send any mail from squirrelmail there are no entries for ssl or tls in maillogs whereas If I send the mail through

Hi there, I have Samba 2.2.3a configured to access openLDAP 2.0.18 for authentication. The autentication via ldap protocol works fine. Then I tried to enable SSL to connect samba with the LDAP server. Calling smbasswd generates this: #/usr/local/samba/bin/smbpasswd atuttle -D9 New SMB password: Retype new SMB password: ldap_open_connection: connection opened Bind failed: Can't contact LDAP

Hello, ?I am having some trouble isolating an issue with my mail server. In my mail log ?I keep receiving the following errors: SSL_accept:failed in SSLv3 read client certificate A SSL_accept: error form client at mydomain.com: lost connection SSL_accept:SSLv3 flush data I have look through both my dovecot and postfix configs but have not been able to isolate the issue yet, hoping someone

Hi all, I've managed to get dovecot running with ldaps (ssl over port 636, not starttls). Btw, it's working right only if i specify "TLSVerifyClient never" in my slapd.conf. With any other parameter (like "TLSVerifyClient demand"), the bind fails with: connection_get(12) connection_get(12): got connid=0 connection_read(12): checking for input on id=0 TLS trace:

Hi, can anyone tell me where these "unknown users" come from. As far as I see the fact, dovecot is asked by postfix to look for the password of the recipient-user (why ever). +++ Jan 7 19:43:09 f42252se postfix/smtpd[14625]: initializing the server-side TLS engine Jan 7 19:43:09 f42252se postfix/tlsmgr[14627]: open smtpd TLS cache btree:/var/lib/postfix/smtpd_scache Jan 7 19:43:09