Am 16.01.2015 um 12:24 schrieb Oliver Welter: > Hi Folks, > > after adding TLSv1.2 to by TLS options a lot of Outlook users complaint > about connection errors, openssl s_client and Thunderbird works fine. > > I found some posts about this but none of them had a real solution on > this - I meanwhile disabled TLSv1.2 which made the Outlook users happy. > > I run dovecot 2.2.13, OpenSSL 1.0.1j 15 Oct 2014 > > ssl_cert = </var/qmail/control/servercert.pem > ssl_cipher_list = ALL:!EXPORT:!LOW:!MEDIUM:!aNULL:+RC4:@STRENGTH > ssl_dh_parameters_length = 2048 > ssl_key = </var/qmail/control/servercert.pem > ssl_protocols = !SSLv2 !TLSv1.2 > > The certificate is from Comodo using sha256. > > Any idea? > > Oliver >
there is no "Outlook", please do a exact debug what Outlook and Windows Version, disable TLSv1.2 is a bad idea, my bet goes on your ssl_cipher_list, try this # SSL ciphers to use ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL or search list archive and www for other better solutions and general dovecot ssl configs Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
