HEllo, hope I won't be blamed for necroposting.
>On Thu, Mar 26, 2015 at 4:41 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> >wrote: >> no matter what I have tried to put into "TLS_PROTOCOL" (even clear >> nonsense), it only accepted TLS version 1.0. I have tried to work around this by setting TLS_CIPHER_LIST to exclude SSL3 ciphers, without any luck (unsurprisingly). >> apparently couriertls only supports tls1.0, while underlying openssl >> library supports 1.2. On 26.03.15 17:05, Jan Ingvoldstad wrote: >And that's with Courier 0.74.1? no, that's with imap 4.10.0 and pop 0.68.2, as they appear in Debian 7 (Wheezy), released on 2013/05/04. Note that Debian, like many other (non-rolling) distributions, prefers to maintain one release and backport security fixes to it. That prevents from unexpected surprises and backward incompatibilities when upgrading to newer versions. What would be best done, is to backport TLS1_1 and TLS1_2 support to the version in wheezy (that should be supported for 5 years since release). Sam, would you find that possible? Are there any commits updating openssl and tls1+ available on github (or anywhere else)? Thank you -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam = (S)tupid (P)eople's (A)dvertising (M)ethod ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
