[Dovecot] TLS/SSL for Win8 & Outlook
Sebastian Goodrick
sebastian at goodrick.ch
Fri May 9 19:57:06 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09.05.2014 14:40, Reindl Harald wrote:
>> For any reason I don't understand, there are ciphers listed twice
>> in the old OpenSSL version but also once in the new version:
>> EXP-RC2-CBC-MD5, EXP-RC4-MD5, RC4-MD5
> EXP-RC4-MD5 != RC4-MD5
Obviously. But what is the point of listing both of them twice in
OpenSSL 0.9.8g?
> ssl_prefer_server_ciphers = yes
This setting is not supported in 2.1.7 (as shipped with Debian Weezy)
> ssl_cipher_list =
> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2
I
>
just gave this cipher list a try, but it didn't change the behaviour
for Win8/Outlook 2013.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlNtMxIACgkQR7+YB0QzbnpkIgCgm2ci41+tcRtihFP8053gM9Tw
WKoAn1DB8stwnqZpZnZqAuQTgZ3Uoaua
=e8uB
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list