<div dir="ltr">Ok, i understand the difference.<div><br></div><div><span style="font-size:12.8px">openssl s_client -starttls imap -connect mail.mydomain:143</span><br style="font-size:12.8px"><span style="font-size:12.8px">openssl s_client -connect mail.mydomain:993</span><br></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">these command runs as expected. </span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">i know this forum isn2T about thunderbird but, when setup account in thunderbird 993 port and with SSL, </span></div><div><span style="font-size:12.8px">i see this line on dovecot.log </span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher</span><br></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">our dovecot (2.0.9 on redhat) 10-ssl.conf file we have</span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">ssl_cipher_list = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES:!SSLv3</span><br></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">settings. </span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">this settings is correct for dovecot ? if they correct , can we say there is problem for thunderbird ? :)</span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">thanks in advance</span></div><div><span style="font-size:12.8px"><br></span></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jan 9, 2018 at 3:59 AM, Joseph Tam <span dir="ltr"><<a href="mailto:jtam.home@gmail.com" target="_blank">jtam.home@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
but i try to this command<br>
<br>
openssl s_client -connect mail.mydomain:pop3s -starttls imap<br>
<br>
it says CONNECTED and hang. second command is correct?<br>
</blockquote>
<br></span>
Uh, "pop3s" != "imap", and IMAP/STARTTLS is not the same as IMAP/SSL (or whatever the hell the terminology is nowadays).<br>
<br>
If you're testing IMAP, try one or the other or both depending<br>
of how many flavours of SSL you got going.<br>
<br>
openssl s_client -starttls imap -connect mail.mydomain:143<br>
openssl s_client -connect mail.mydomain:993<br>
<br>
Joseph Tam <<a href="mailto:jtam.home@gmail.com" target="_blank">jtam.home@gmail.com</a>><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">Selçuk YAZAR<br><a href="http://www.selcukyazar.blogspot.com" target="_blank">http://www.selcukyazar.blogspot.com</a></div>
</div>