On Wed, Jul 08, 2020 at 12:05:55PM +1000, Mark Constable wrote:
> I spent a week trying every cypher combination I could find via Google for Dovecot but with the phone going off the hook from complaints by customers not being able to pick up their mail. We had to respond with some solution so, after a week, disabling SSL was very reluctantly the only option left. We lost ~40 customers to outlook.com because of this.
Ouch. But does outlook.com not require TLS? (I don't currently have an outlook.com account.)
If so, then why would customers be able to solve their problem by moving to outlook.com? Maybe by using outlook.com's webmail interface, I guess, but you could presumably compete with this by offering Squirrelmail or Roundcube.
Yet another possible workaround for customers using email clients or operating systems that don't speak recent versions of TLS is to have them install stunnel on their PC, or else to send them a box (e.g. Raspberry Pi) running stunnel that they can put on their LAN/WLAN:
https://joewein.net/blog/2018/07/04/outlook-express-error-0x800ccc0b-and-the...
https://en.wikipedia.org/wiki/Stunnel
Of course, the main problem with sending a box is that it would periodically require software updates & reboots. If you already have a routine for upgrading software on boxes on customer premises, then include the boxes in that routine; otherwise, it's a headache.
Also, the stunnel approach would not help for non-jailbroken iOS devices except while they are downstream of an stunnel box. So, OK over the WLAN but no good while on mobile data.
Anyway, good luck!
-- 
A: When it messes up the order in which people normally read text.
Q: When is top-posting a bad thing?

()  ASCII ribbon campaign. Please avoid HTML emails & proprietary
/\  file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.
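
A minimal stunnel client configuration for the workaround suggested in the message above, as an added example that is not part of the original e-mail. The host name `mail.example.com`, the local port numbers, the server ports and the CA bundle path are placeholder assumptions.

```ini
; stunnel.conf on the customer's PC (constructed example, not from the thread).
; The legacy mail client speaks plaintext to 127.0.0.1 and stunnel carries
; the session to the mail server over a current TLS version.

; Refuse anything older than TLS 1.2 on the leg to the server
; (sslVersionMin needs stunnel 5.x built against OpenSSL 1.1.0 or later).
sslVersionMin = TLSv1.2

[imaps-out]
client = yes
; Loopback only, so the plaintext leg never leaves the machine.
accept = 127.0.0.1:1143
; Placeholder host: the provider's IMAPS endpoint.
connect = mail.example.com:993
; Verify the certificate chain and host name; without these options
; stunnel encrypts the session but does not authenticate the server.
verifyChain = yes
; Assumed CA bundle location; adjust for the operating system in use.
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = mail.example.com

[smtps-out]
client = yes
accept = 127.0.0.1:1465
; Placeholder host and port: the provider's implicit-TLS submission endpoint.
connect = mail.example.com:465
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = mail.example.com
```

The mail client is then pointed at 127.0.0.1 on the local ports with SSL turned off in its own settings. On a shared box on the LAN, `accept` has to listen on the box's LAN address instead, which leaves the hop between client and box unencrypted on that network.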