Am 21.03.2015 um 11:51 schrieb James:
On 21/03/2015 10:00, James wrote:the "SSL23_GET_CLIENT_HELLO:unsupported protocol" seems to do what I thought the ssl_protocols setting did. Do I still need, if I ever needed, the "ssl_protocols = " setting?All these ssl_* settings just go to OpenSSL without Dovecot (or I) knowing all that much about them. I think you still need it, but maybe it's because your ssl_cipher_list is so limited that it fails the session anyway (just my guess).I'd better add this PS, my openssl is compiled with "no-ssl3" which is where the the SSL23 unsupported is coming from. I've remove the "no-ssl3" from openssl indeed it accepts the connection, however, with "ssl_protocols = !SSLv2 !SSLv3" in dovecot.conf imap-login still sig 11s
well, remove that brickage of "special compile"
signature.asc
Description: OpenPGP digital signature
