On Sun, Dec 07, 2014 at 06:02:23PM +0100, Jan Kowalski wrote:

> In my case it is caused by my dovecot configuration, namely:
>
> ssl_protocols = !SSLv2 !SSLv3
> ssl_cipher_list = HIGH:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL

This configuration is incorrect. The majority of TLSv1.2 cipher suites
were defined as part of "SSLv3". In the cipherlist, the protocol number
is the *lowest* protocol that supports the cipher suite, but removing
all SSLv3 ciphers from TLS leaves only bleeding edge AEAD and SHA-2
ciphers that many clients don't support.

A better cipherlist for *dovecot* would be:

    DEFAULT:!EXPORT:!LOW:!MEDIUM:!MD5

The "MD5" cipher suites are a superset of the SSLv2 cipher suites.
The "DEFAULT" list is generally a good starting point for non-experts,
to which you apply sensible exclusions.

-- 
Viktor.
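
Added example, not part of the original message: a Python script that expands both cipher strings from this thread with the local OpenSSL and lists which suites the "!SSLv2:!SSLv3" terms remove. POSTED_NO_PROTO and the function names are constructed for this example, and the labels and counts depend on the OpenSSL build Python is linked against.

```python
import ssl

# Cipher strings from the thread: the poster's setting and the suggested one.
POSTED = "HIGH:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL"
SUGGESTED = "DEFAULT:!EXPORT:!LOW:!MEDIUM:!MD5"
# Constructed for comparison: the posted string without its protocol terms.
POSTED_NO_PROTO = "HIGH:!LOW:!EXP:!aNULL"


def expand(cipher_string):
    """Return {suite name: protocol label} as the local OpenSSL expands it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    return {c["name"]: c["protocol"] for c in ctx.get_ciphers()}


def dropped_by_protocol_exclusion():
    """Suites that '!SSLv2:!SSLv3' alone removes from the posted string."""
    before, after = expand(POSTED_NO_PROTO), expand(POSTED)
    return {name: proto for name, proto in before.items() if name not in after}


def summarize(cipher_string):
    """Count the enabled suites per protocol label."""
    counts = {}
    for proto in expand(cipher_string).values():
        counts[proto] = counts.get(proto, 0) + 1
    return counts


if __name__ == "__main__":
    print(ssl.OPENSSL_VERSION)
    for label, s in (("posted", POSTED), ("suggested", SUGGESTED)):
        print(f"{label:9} {s}\n          {summarize(s)}")
    # The label is the lowest protocol that defines the suite, so suites
    # listed here are ones a TLS-only server could still have negotiated.
    for name, proto in sorted(dropped_by_protocol_exclusion().items()):
        print(f"dropped: {name} ({proto})")
```

The protocol versions a server accepts are set separately (ssl_protocols in the quoted dovecot configuration), so the cipher string does not need protocol terms to keep SSLv2 and SSLv3 off.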