On 7/31/2015 5:54 PM, Sam Varshavchik wrote: > Bowie Bailey writes: > >> courieresmtpd: courieresmtpd: STARTTLS failed: DEBUG: Unexpected SSL >> connection shutdown. >> >> I've been seeing this message in my logs quite a bit recently. The IP >> addresses that it comes from (based on the previous "started" line, are >> all outlook.com addresses. I am having a problem getting emails from >> someone who is using an the outlook.com servers for his email, so I >> think this is related. >> >> Apparently, Outlook doesn't like something about my SSL setup. These >> errors and the bounceback errors I have been provided by the sender >> don't give any clues to the actual problem. > > The actual problem is that the remote server terminated the network > connection, without any further information. There's really nothing > much more that can be said about it. > >> I have the protocol set to SSL23, which should allow everything >> according to the comments in the file. Any suggestions? > > There's been some recent chatter that MS-ware is now requiring > 2048-bit DH keys. > > Run the mkdhparams script, with the DH_BITS environment variable set > to 2048.
I already did that. Thunderbird's IMAP client won't connect otherwise. I see that the default protocol setting is now "TLSv1+". Would I be risking any problems if I changed from "SSL23" to "TLSv1+"? How many servers out there are incapable of doing TLS? -- Bowie ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
