You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm running Mailu 1.5. Some of my customers with older mail clients have problems syncing mails via IMAP. In the logs I'm getting SSL: error:1402710B:SSL routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number, so I guess there must be a problem with the SSL/TLS handshake. I checked which ciphers dovecot offers:
PORT STATE SERVICE
143/tcp open imap
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 4096) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (rsa 2048) - A
| cipher preference: server
|_ least strength: A
It seems that dovecot only support TLSv1.2 with these three ciphers and I guess that the older mail clients don't accept TLSv1.2 and/or these ciphers.
Is there a way to support more (older) ciphers?
The text was updated successfully, but these errors were encountered:
You can adapt the tls.conf to your needs and mount it in the nginx service at /conf/tls.conf
See #363 (I have provided an example working for me)
Of course, you need to accept to lower your security standards to go to TLSv1 or v1.1...