Doug Lytle wrote on 12/8/2014 2:28 AM: > I'm not 100% sure it isn't the ISP causing the issue. All my remote > clients are using OpenVPN. I've modified their host tables to point to > the private IP address of ASSP and the problem has gone away. I've > read a couple articles that state that ISPs are fooling around with > TLS to prevent users from encryption. I'm also not sure it's not a > pfSense bug. The next release is coming up soon and I'll test again > once my firewall has been upgraded. And as a test, I'll review a few > other, non Mozilla clients, to see if it's a Mozilla based bug. > Thanks, Doug
Doug, The user's OpenVPN connections should already be a fully encrypted tunnel, so the ISP shouldn't be able to even see, much less drop, the STARTTLS verb as in transit over the wire. Similarly, I was still having TLS issues even when using an SSH tunnel, so I'm quite sure the ISP isn't the cause. I also use a different firewall... and I think it rather unlikely that the firewalls could be causing problems with TLS connections such as we've been seeing, without a number of other people noticing it. I haven't yet devised how to properly test the software theory, but anecdotally, I've only heard complaints about this from my Thunderbird users, and not Outlook/OE/Mail users. Can I ask what MTA you're using behind ASSP? -C ------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
