tba...@txbweb.de writes:
I use the default config file of imapd-ssl. I just defined the path to the certificate. The other variables you mentioned aren't set and I already generated a stronger dhparam.pem. Last year I already was affected by a "bug" (https://bugzilla.mozilla.org/show_bug.cgi?id=1183650#c27) and a stronger dhparam.pem was the solution. I repeated it withroot@txbweb /etc/ssl/certs # rm /etc/courier/dhparams.pem root@txbweb /etc/ssl/certs # DH_BITS=2048 mkdhparams This time, it doesnt help. The output of "openssl s_client -starttls imap -connect mail.txbweb.de:143" should be the same as "openssl s_client -starttls smtp -connect mail.txbweb.de:25", right? Very confusing.
They use different configuration files: imapd-ssl versus esmtpd-ssl.There must be some different config settings between them. In the end, it's the same SSL wrapper binary, couriertls, that negotiates the SSL connection based on the settings in each environment. Each configuration file is a slightly disguised shell script whose only purpose is to set the environment variables, which are read by couriertls to configure an SSL connection.
If the settings are identical, the end result should be the same. couriertls does not know and does not care whether the connection is for SMTP or IMAP.
pgpRaQ9vuQmei.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
