our dovecot (2.0.9 on redhat) 10-ssl.conf file we have
ssl_cipher_list = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:! aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES:!SSLv3
settings.
this settings is correct for dovecot ? if they correct , can we say there is problem for thunderbird ? :)
I think you should fix your dovecot cipher list using the guidance from Mozilla's security team:
https://wiki.mozilla.org/Security/Server_Side_TLSIf your server is accessible from the web, you can run this test (it gives you very helpful advice for configuring your cipherlist):
https://www.htbridge.com/sslYou can also test your setup with the script from this site (you will have to download some files but you can run it even if your server is not connected to the internet).
https://testssl.sh/Ryan