Am 16.01.2015 um 12:24 schrieb Oliver Welter:
after adding TLSv1.2 to by TLS options

how did you do that?

there is no need to add it as long you did not break
your configuration intentional the time before

a lot of Outlook users complaint about connection errors,
openssl s_client and Thunderbird works fine.


I found some posts about this but none of them had a real solution on
this - I meanwhile disabled TLSv1.2 which made the Outlook users happy.

I run dovecot 2.2.13, OpenSSL 1.0.1j 15 Oct 2014

ssl_cert = </var/qmail/control/servercert.pem
ssl_cipher_list = ALL:!EXPORT:!LOW:!MEDIUM:!aNULL:+RC4:@STRENGTH

!MEDIUM likely is the reason

ssl_dh_parameters_length = 2048
ssl_key = </var/qmail/control/servercert.pem
ssl_protocols = !SSLv2 !TLSv1.2

The certificate is from Comodo using sha256

the confiig below works with every known Outlook version down to Outlook 2003 on Windows XP in combination with a RSA4096/SHA256 key as well as with all other reasonable mail clients

ssl_protocols  = !SSLv2 !SSLv3
ssl_prefer_server_ciphers  = yes

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to