Hi,
t's not easily reproducible?
Yes, this is 100% reproducible if you use the "Accept certificate permanently" when the client receives the warning that the certificate on the server is not trusted.
The strange thing is that if you instead use "Accept certificate only this time" then it works
Since we have no access to the certificate (SSL/TLS) handling code we are a bit at loss here and have to "proof" to "the other" guys in Finland thatc it's there fault :-)
You mean a bug in S60 libraries? Yep. Since it seems that the server receives some erronous messages
verbose_ssl=yes makes Dovecot log all errors/warnings that OpenSSL can Yes, this is already enabled
http://crypto.stanford.edu/~eujin/sslsniffer/index.html Will have a look at this.
Thanks! Johan