Hi,
Have anyone else experienced problems using Dovecot with the mail app in beta releases of iOS/iPadOS 13?
TLS is failing for my, it have worked fine for years and I am on the latest Dovecot version now, it works fine with older clients but not with the ones upgraded:
Sep 04 19:49:16 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:49:16 imap-login: Debug: SSL alert: where=0x4008, ret=552: fatal handshake failure Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state Sep 04 19:49:16 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=11.22.33.44, lip=11.22.33.44, TLS handshaking: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state, session=<lz7m2r2rjPouOvrk>
Working client:
Sep 04 19:57:58 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:03 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Info: Login: user=<username>, method=LOGIN, rip=11.22.33.44, lip=11.22.33.44, mpid=28781, TLS, TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=<LklR9r2Vtb4uOzra>
Config:
# egrep -v "^#|^$" 10-ssl.conf 10-auth.conf 10-ssl.conf:ssl = required 10-ssl.conf:ssl_cert = </path/to/fullchain.pem 10-ssl.conf:ssl_key = </path/to/privkey.pem 10-ssl.conf:ssl_dh = </path/to/dh.pem 10-ssl.conf:ssl_min_protocol = TLSv1.1 10-ssl.conf:ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH 10-auth.conf:disable_plaintext_auth = yes 10-auth.conf:auth_mechanisms = login 10-auth.conf:!include auth-system.conf.ext
# dovecot --version 2.3.7.2 (3c910f64b)
Anyone seeing something similar and/or have suggestions on how to proceed?
Regards Henrik
Le 4 sept. 2019 à 20:11, Henrik Johansson via dovecot <dovecot@dovecot.org> a écrit :
Hi,
Have anyone else experienced problems using Dovecot with the mail app in beta releases of iOS/iPadOS 13?
TLS is failing for my, it have worked fine for years and I am on the latest Dovecot version now, it works fine with older clients but not with the ones upgraded:
Sep 04 19:49:16 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:49:16 imap-login: Debug: SSL alert: where=0x4008, ret=552: fatal handshake failure Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state Sep 04 19:49:16 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=11.22.33.44, lip=11.22.33.44, TLS handshaking: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state, session=<lz7m2r2rjPouOvrk>
Working client:
Sep 04 19:57:58 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:03 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Info: Login: user=<username>, method=LOGIN, rip=11.22.33.44, lip=11.22.33.44, mpid=28781, TLS, TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=<LklR9r2Vtb4uOzra>
Config:
# egrep -v "^#|^$" 10-ssl.conf 10-auth.conf 10-ssl.conf:ssl = required 10-ssl.conf:ssl_cert = </path/to/fullchain.pem 10-ssl.conf:ssl_key = </path/to/privkey.pem 10-ssl.conf:ssl_dh = </path/to/dh.pem 10-ssl.conf:ssl_min_protocol = TLSv1.1 10-ssl.conf:ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH 10-auth.conf:disable_plaintext_auth = yes 10-auth.conf:auth_mechanisms = login 10-auth.conf:!include auth-system.conf.ext
# dovecot --version 2.3.7.2 (3c910f64b)
Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it looks like your server only supports ‘DHE-RSA…’ ciphers. I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it.
What version of OpenSSL are you using ?
Le 4 sept. 2019 à 21:35, Jean-Daniel via dovecot <dovecot@dovecot.org> a écrit :
Le 4 sept. 2019 à 20:11, Henrik Johansson via dovecot <dovecot@dovecot.org> a écrit :
Hi,
Have anyone else experienced problems using Dovecot with the mail app in beta releases of iOS/iPadOS 13?
TLS is failing for my, it have worked fine for years and I am on the latest Dovecot version now, it works fine with older clients but not with the ones upgraded:
Sep 04 19:49:16 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:49:16 imap-login: Debug: SSL alert: where=0x4008, ret=552: fatal handshake failure Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher Sep 04 19:49:16 imap-login: Debug: SSL: where=0x2002, ret=-1: error Sep 04 19:49:16 imap-login: Debug: SSL error: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state Sep 04 19:49:16 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=11.22.33.44, lip=11.22.33.44, TLS handshaking: SSL_accept() failed: error:140800FF:SSL routines:ssl3_accept:unknown state, session=<lz7m2r2rjPouOvrk>
Working client:
Sep 04 19:57:58 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 04 19:57:58 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:01 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 04 19:58:03 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully Sep 04 19:58:03 imap-login: Info: Login: user=<username>, method=LOGIN, rip=11.22.33.44, lip=11.22.33.44, mpid=28781, TLS, TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=<LklR9r2Vtb4uOzra>
Config:
# egrep -v "^#|^$" 10-ssl.conf 10-auth.conf 10-ssl.conf:ssl = required 10-ssl.conf:ssl_cert = </path/to/fullchain.pem 10-ssl.conf:ssl_key = </path/to/privkey.pem 10-ssl.conf:ssl_dh = </path/to/dh.pem 10-ssl.conf:ssl_min_protocol = TLSv1.1 10-ssl.conf:ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH 10-auth.conf:disable_plaintext_auth = yes 10-auth.conf:auth_mechanisms = login 10-auth.conf:!include auth-system.conf.ext
# dovecot --version 2.3.7.2 (3c910f64b)
Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it looks like your server only supports ‘DHE-RSA…’ ciphers. I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it.
What version of OpenSSL are you using ?
An interesting note from the Apple documentation about what is considered a secured server:
• The link must support perfect forward secrecy (PFS) through Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange.
https://developer.apple.com/documentation/security/preventing_insecure_netwo... <https://developer.apple.com/documentation/security/preventing_insecure_network_connections>
On 4 Sep 2019, at 21:35, Jean-Daniel <jddupas@xooloo.com> wrote:
Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it looks like your server only supports ‘DHE-RSA…’ ciphers. I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it.
What version of OpenSSL are you using ?
A good guss, I am using 1.0.2r, but it is missing ECDHE so that seems like the problem. I will try with a openssl that supports it.
Thank you!
Regards Henrik
On 4 Sep 2019, at 21:35, Jean-Daniel <jddupas@xooloo.com> wrote:
Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it looks like your server only supports ‘DHE-RSA…’ ciphers. I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it.
Well I got the OpenSSL parts working now, but newer versions still refuses to work after establishing with ECDHE, I just get no login attempts and no user:
imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Regards Henrik
Non working iOS 13
Sep 08 11:25:47 auth: Debug: auth client connected (pid=23934) SeSep 08 11:25:47 auth: Debug: auth client connected (pid=23934)p 08 11:25:47 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 08 11:25:47 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A SeSep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:25:47 imap-login: Debug: SSL: whereSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A =0x2002,Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 1Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A 1:25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A :Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A 4Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A 11:25:47 imap-login: Debug: SSL alert: close notify Sep 08 11:Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A 25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A :47 Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A iSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data map-Sep 08 11:25:47 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully SSLv3 write key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: wherSep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully e=0x2001, ret=1:Sep 08 11:25:47 imap-login: Debug: SSL alert: close notify Sep 08 11:25:47 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=<fU+qvQeSGTJb6jE9> SSLvSep 08 11:25:47 imap-login: Debug: SSL alert: close notify
Working MacOS 10.14.6
Sep 08 11:24:09 auth: Debug: auth client connected (pid=23912) Sep 08 11:24:09 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, reSep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:24:09 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully
On Sep 8, 2019, at 03:48, Henrik Johansson <henrikj@henkis.net> wrote:
Well I got the OpenSSL parts working now, but newer versions still refuses to work after establishing with ECDHE, I just get no login attempts and no user:
iOS 13 definitely works with dovecot; it’s how I am able to send this mail.
-- My main job is trying to come up with new and innovative and effective ways to reject even more mail. I'm up to about 97% now.
On 8 Sep 2019, at 15:39, Aki Tuomi <aki.tuomi@open-xchange.com> wrote:
On 08/09/2019 12:42 Henrik Johansson via dovecot <dovecot@dovecot.org> wrote:
Ensure you have
auth_mechanisms=plain login
in your config.
That did it, must have changed it while debuting this and it continued to work on MacOS but not iOS.
Thank you!
Regards Henrik
participants (4)
-
Aki Tuomi
-
Henrik Johansson
-
Jean-Daniel
-
LuKreme