outlook hangs using TLS
Hello
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios
Please find debug log
mail dovecot[24287]: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [X.X.X.X] mail dovecot[24287]: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [X.X.X.X] mail dovecot[24287]: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A [X.X.X.X] mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges mail dovecot[24287]: auth: Debug: auth client connected (pid=24300) mail dovecot[24287]: imap-login: Disconnected (no auth attempts in 31 secs): user=<>, rip=X.X.X.X, lip=X.X.X.X, TLS handshaking: Disconnected, session=<bivt8iNuBgA+A08O>
Please find my config
# 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-862.3.2.el7.x86_64 x86_64 CentOS Linux release 7.5.1804 (Core) auth_cache_size = 16 M auth_cache_ttl = 1 days auth_debug = yes auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyz.@ auth_verbose = yes default_client_limit = 1024 default_process_limit = 16 doveadm_password = mysecretpasswordsharedamongservers first_valid_uid = 1000 mail_attachment_dir = /srv/attachments mail_attachment_min_size = 4 k mail_debug = yes mail_home = /var/spool/mail/%d/%n mail_location = mdbox:~/mail mail_plugins = replication notify mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = subscribe special_use = \Sent } mailbox Spam { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox virtual/All { auto = no special_use = \All } prefix = type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap lmtp service aggregator { fifo_listener replication-notify-fifo { mode = 0666 user = $default_internal_user } unix_listener replication-notify { mode = 0666 user = $default_internal_user } } service auth { unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 55555 } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 2 service_count = 1 } service imap { client_limit = 0 } service lmtp { unix_listener lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 TLSv1 TLSv1.1 TLSv1.2 userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } verbose_ssl = yes protocol imap { imap_client_workarounds = tb-extra-mailbox-sep delay-newmail }
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios
{snip}
Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL.
-- Jerry
I have tested just now on outlook 2016 - same issue. TLS makes it hanged
On 08/06/18 18:17, Jerry wrote:
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios {snip}
Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL.
On Fri, 8 Jun 2018 18:19:14 +0100, Vladimir Tiukhtin stated:
On 08/06/18 18:17, Jerry wrote:
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios
{snip}Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL.
I have tested just now on outlook 2016 - same issue. TLS makes it hanged
I am using Outlook 2016 on a Windows 10 Pro amd64 system. Dovecot is running on a FreeBSD 11.1 machine. Dovecot version: 2.3.1 (8e2f634). It is working fine. What port numbers and authentication types are you employing?
-- Jerry
A vide se postovi i kategorije... to sam propustio... obrisacu... pa javljam....
Sent from my Samsung Galaxy smartphone. -------- Original message --------From: Jerry <jerry@seibercom.net> Date: 6/8/18 20:59 (GMT+01:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: outlook hangs using TLS On Fri, 8 Jun 2018 18:19:14 +0100, Vladimir Tiukhtin stated:
On 08/06/18 18:17, Jerry wrote:
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios {snip}
Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL.
I have tested just now on outlook 2016 - same issue. TLS makes it hanged
I am using Outlook 2016 on a Windows 10 Pro amd64 system. Dovecot is running on a FreeBSD 11.1 machine. Dovecot version: 2.3.1 (8e2f634). It is working fine. What port numbers and authentication types are you employing?
-- Jerry
On Fri, 08 Jun 2018 21:00:29 +0200, ivanb.dsol stated:
-------- Original message -------- From: Jerry <jerry@seibercom.net> Date: 6/8/18 20:59 (GMT+01:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: outlook hangs using TLS
On Fri, 8 Jun 2018 18:19:14 +0100, Vladimir Tiukhtin stated:
On 08/06/18 18:17, Jerry wrote:
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios {snip}
Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL.
I have tested just now on outlook 2016 - same issue. TLS makes it hanged
I am using Outlook 2016 on a Windows 10 Pro amd64 system. Dovecot is running on a FreeBSD 11.1 machine. Dovecot version: 2.3.1 (8e2f634). It is working fine. What port numbers and authentication types are you employing?
Sent from my Samsung Galaxy smartphone.
A vide se postovi i kategorije... to sam propustio... obrisacu... pa javljam....
I don't speak that language. According to Google Translate, that means, "And you can see the posts and categories... I missed it... deleted... so I'm reporting...." I don't understand what you are referring to.
-- Jerry
On 09.06.2018 12:13, Jerry wrote:
On Fri, 08 Jun 2018 21:00:29 +0200, ivanb.dsol stated:
-------- Original message -------- From: Jerry <jerry@seibercom.net> Date: 6/8/18 20:59 (GMT+01:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: outlook hangs using TLS
On Fri, 8 Jun 2018 18:19:14 +0100, Vladimir Tiukhtin stated:
On 08/06/18 18:17, Jerry wrote:
On Fri, 8 Jun 2018 17:54:28 +0100, Vladimir Tiukhtin stated:
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS, it works if I switch in client TLS to SSL. Thunderbird works perfect both scenarios {snip}
Seriously, those versions of Outlook are both old and no longer supported. In any case, you have already answered your question; ie, use SSL. I have tested just now on outlook 2016 - same issue. TLS makes it hanged I am using Outlook 2016 on a Windows 10 Pro amd64 system. Dovecot is running on a FreeBSD 11.1 machine. Dovecot version: 2.3.1 (8e2f634). It is working fine. What port numbers and authentication types are you employing?
Sent from my Samsung Galaxy smartphone. A vide se postovi i kategorije... to sam propustio... obrisacu... pa javljam.... I don't speak that language. According to Google Translate, that means, "And you can see the posts and categories... I missed it... deleted... so I'm reporting...." I don't understand what you are referring to.
There are few reasons why this could be:
Your server has very little entropy, you can check this from /proc/sys/kernel/random/entropy_avail, if it says a two-digit number, you probably are going to need some entropy helper, if it's a big number, you're fine.
Some clients don't like STARTTLS, try using SSL port instead.
You have some problem(s) in your client machine, verify with some other machine.
Aki
participants (4)
-
Aki Tuomi
-
ivanb.dsol
-
Jerry
-
Vladimir Tiukhtin