outlook hangs using TLS

Vladimir Tiukhtin vladimir.tiukhtin at asergis.com
Fri Jun 8 19:54:28 EEST 2018


Hello

I am using dovecot 2.2.10 on CentOS 7

Every Outlook version I have tried (2007, 2010, 2013...) hangs when I 
select TLS in the client; it works if I switch the client from TLS to 
SSL. Thunderbird works perfectly in both scenarios.

Please find debug log

mail dovecot[24287]: imap-login: Debug: SSL: where=0x10, ret=1: 
before/accept initialization [X.X.X.X]
mail dovecot[24287]: imap-login: Debug: SSL: where=0x2001, ret=1: 
before/accept initialization [X.X.X.X]
mail dovecot[24287]: imap-login: Debug: SSL: where=0x2002, ret=-1: 
SSLv2/v3 read client hello A [X.X.X.X]
  mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1 
will be used for ECDH and ECDHE key exchanges
mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1 
will be used for ECDH and ECDHE key exchanges
mail dovecot[24287]: auth: Debug: auth client connected (pid=24300)
mail dovecot[24287]: imap-login: Disconnected (no auth attempts in 31 
secs): user=<>, rip=X.X.X.X, lip=X.X.X.X, TLS handshaking: Disconnected, 
session=<bivt8iNuBgA+A08O>

Please find my config

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-862.3.2.el7.x86_64 x86_64 CentOS Linux release 
7.5.1804 (Core)
# Top-level settings: auth cache and logging, mail storage layout, plugins.
auth_cache_size = 16 M
auth_cache_ttl = 1 days
# Verbose auth logging, useful while troubleshooting; it makes logs much noisier.
auth_debug = yes
# PLAIN and LOGIN both send the password without any hashing, so its
# confidentiality depends entirely on TLS (this config sets `ssl = required`).
auth_mechanisms = plain login
# Usernames may contain only lowercase a-z, '.' and '@'; a login name with
# any other character (digits, '-', '_', uppercase) is rejected.
auth_username_chars = abcdefghijklmnopqrstuvwxyz.@
auth_verbose = yes
default_client_limit = 1024
default_process_limit = 16
# Shared secret for doveadm TCP clients (see `service doveadm`).
# NOTE(review): this value looks like a placeholder; if a real secret was ever
# pasted into a public post, rotate it on every server that shares it.
doveadm_password = mysecretpasswordsharedamongservers
first_valid_uid = 1000
mail_attachment_dir = /srv/attachments
mail_attachment_min_size = 4 k
mail_debug = yes
# %d = domain part, %n = local part of the login name.
mail_home = /var/spool/mail/%d/%n
mail_location = mdbox:~/mail
# Replication plugin is loaded; it works with the aggregator and doveadm services.
mail_plugins = replication notify
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
mbox_write_locks = fcntl
# Private namespace that contains INBOX, with an empty prefix and the default
# mail location. The mailbox entries assign IMAP SPECIAL-USE flags.
namespace inbox {
   inbox = yes
   location =
   # auto = subscribe: create the mailbox automatically and subscribe to it.
   mailbox Drafts {
     auto = subscribe
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     auto = subscribe
     special_use = \Sent
   }
   # Second mailbox flagged \Sent, alongside "Sent" above.
   mailbox "Sent Messages" {
     auto = subscribe
     special_use = \Sent
   }
   # auto = create: create automatically, without subscribing.
   # Second mailbox flagged \Junk, alongside "Junk" above.
   mailbox Spam {
     auto = create
     special_use = \Junk
   }
   mailbox Trash {
     auto = subscribe
     special_use = \Trash
   }
   mailbox virtual/All {
     auto = no
     special_use = \All
   }
   prefix =
   type = private
}
# Password verification against an SQL database.
# NOTE(review): the referenced .ext file normally holds the database connect
# string, including credentials; confirm it is readable by root only.
passdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
# Sieve plugin paths, both relative to each user's home directory.
plugin {
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
# Only IMAP and LMTP are enabled; POP3 and ManageSieve are not listed.
protocols = imap lmtp
# Replication aggregator: the fifo and socket that receive change
# notifications for the replication plugin.
# NOTE(review): mode 0666 lets every local account open both endpoints;
# confirm that is intended, or restrict them to the mail user.
service aggregator {
   fifo_listener replication-notify-fifo {
     mode = 0666
     user = $default_internal_user
   }
   unix_listener replication-notify {
     mode = 0666
     user = $default_internal_user
   }
}
# Auth service: exposes the userdb lookup socket.
# NOTE(review): mode 0666 allows any local account to connect. Dovecot is
# documented to limit what an unrelated uid can look up through this socket,
# but verify that for this version before relying on it on a multi-user host.
service auth {
   unix_listener auth-userdb {
     mode = 0666
   }
}
# doveadm over TCP on port 55555, authenticated with doveadm_password.
# NOTE(review): this listener sets no `ssl = yes` and no bind address, so the
# shared password and any synced mail would cross the network unencrypted
# unless the link is protected another way. Confirm firewalling or a tunnel.
service doveadm {
   inet_listener {
     port = 55555
   }
}
# IMAP login listeners.
service imap-login {
   # port = 0 disables the plain IMAP listener, so no port offers STARTTLS.
   inet_listener imap {
     port = 0
   }
   # Implicit TLS: the handshake starts as soon as the client connects to 993.
   # NOTE(review): a client set to STARTTLS-style "TLS" on 993 waits for a
   # plaintext greeting while the server waits for a ClientHello. That would be
   # consistent with the "TLS handshaking: Disconnected" timeout in the log;
   # confirm which port and encryption mode the client is using.
   inet_listener imaps {
     port = 993
     ssl = yes
   }
   # Keep two idle login processes ready; each serves one connection and exits.
   process_min_avail = 2
   service_count = 1
}
# Post-login IMAP processes.
# NOTE(review): 0 presumably defers to default_client_limit (1024 here) rather
# than meaning "unlimited" - TODO confirm against the Dovecot service docs.
service imap {
   client_limit = 0
}
# LMTP delivery socket: owned by postfix:postfix with mode 0600, so only the
# postfix user can open it to hand mail to Dovecot.
service lmtp {
   unix_listener lmtp {
     group = postfix
     mode = 0600
     user = postfix
   }
}
# TLS is mandatory for client connections.
ssl = required
# The leading '<' makes Dovecot read the file contents as the setting value.
ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem
ssl_dh_parameters_length = 2048
# The private key file should be readable by root only.
ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem
ssl_prefer_server_ciphers = yes
# SSLv2 and SSLv3 are excluded; TLS 1.0, 1.1 and 1.2 are accepted.
# NOTE(review): TLS 1.0 and 1.1 have since been deprecated (RFC 8996); drop
# them once no remaining client, such as an old Outlook build, needs them.
ssl_protocols = !SSLv2 !SSLv3 TLSv1 TLSv1.1 TLSv1.2
# User lookup chain. prefetch reuses userdb fields already returned by the
# passdb query; the sql userdb serves lookups made without a preceding passdb
# step (presumably LMTP delivery and doveadm here).
userdb {
   driver = prefetch
}
userdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
# Logs TLS handshake state changes; this produces the
# "SSL: where=..., ret=..." debug lines shown in the posted log.
verbose_ssl = yes
# IMAP-only client bug workarounds. They change IMAP protocol behaviour after
# login and have no effect on the TLS handshake.
protocol imap {
   imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
}


