I can no longer use TLS for Windows7 and Outlook
Mark Constable
markc at renta.net
Sun May 31 07:36:52 EEST 2020
I currently use Ubuntu 20.04 with Dovecot 2.3.7.2 and OpenSSL 1.1.1f.
A few months ago there was an update to all these systems and since
then I've had to talk W7 and old Mac clients through disabling ports
993/995 with TLS enabled back to ports 143/110 without SSL or they
could not pick up email. Thunderbird users (ie; me) were unaffected.
Could anyone share a set of port 993/995 SSL settings known to work
with Windows7 and Outlook16 using "dovecot -n|grep ^ssl_" please ?
Mine is currently...
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/ssl/example.com/fullchain.pem
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_options = no_compression no_ticket
ssl_prefer_server_ciphers = yes
I have commented out ssl_cipher_list, ssl_min_protocol and others to
get back to whatever the defaults are so I am not simply guessing what
the optimal settings would be to cover Win7 and up.
Yes I know Win7 is no longer supported but that does not help the 100s
of older users I have that can't/won't upgrade their computers.
More information about the dovecot
mailing list