Hello
I am using dovecot 2.2.10 on CentOS 7
Any Outlook versions (2007, 2010, 2013...) hang if I tried to use TLS,
it works if I switch in client TLS to SSL. Thunderbird works perfect
both scenarios
Please find debug log
mail dovecot[24287]: imap-login: Debug: SSL: where=0x10, ret=1:
before/accept initialization [X.X.X.X]
mail dovecot[24287]: imap-login: Debug: SSL: where=0x2001, ret=1:
before/accept initialization [X.X.X.X]
mail dovecot[24287]: imap-login: Debug: SSL: where=0x2002, ret=-1:
SSLv2/v3 read client hello A [X.X.X.X]
mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1
will be used for ECDH and ECDHE key exchanges
mail dovecot[24287]: imap-login: Debug: SSL: elliptic curve secp384r1
will be used for ECDH and ECDHE key exchanges
mail dovecot[24287]: auth: Debug: auth client connected (pid=24300)
mail dovecot[24287]: imap-login: Disconnected (no auth attempts in 31
secs): user=<>, rip=X.X.X.X, lip=X.X.X.X, TLS handshaking: Disconnected,
session=<bivt8iNuBgA+A08O>
Please find my config
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-862.3.2.el7.x86_64 x86_64 CentOS Linux release
7.5.1804 (Core)
auth_cache_size = 16 M
auth_cache_ttl = 1 days
auth_debug = yes
auth_mechanisms = plain login
auth_username_chars = abcdefghijklmnopqrstuvwxyz.@
auth_verbose = yes
default_client_limit = 1024
default_process_limit = 16
doveadm_password = mysecretpasswordsharedamongservers
first_valid_uid = 1000
mail_attachment_dir = /srv/attachments
mail_attachment_min_size = 4 k
mail_debug = yes
mail_home = /var/spool/mail/%d/%n
mail_location = mdbox:~/mail
mail_plugins = replication notify
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
auto = subscribe
special_use = \Sent
}
mailbox Spam {
auto = create
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
mailbox virtual/All {
auto = no
special_use = \All
}
prefix =
type = private
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap lmtp
service aggregator {
fifo_listener replication-notify-fifo {
mode = 0666
user = $default_internal_user
}
unix_listener replication-notify {
mode = 0666
user = $default_internal_user
}
}
service auth {
unix_listener auth-userdb {
mode = 0666
}
}
service doveadm {
inet_listener {
port = 55555
}
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
process_min_avail = 2
service_count = 1
}
service imap {
client_limit = 0
}
service lmtp {
unix_listener lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem
ssl_dh_parameters_length = 2048
ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3 TLSv1 TLSv1.1 TLSv1.2
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
verbose_ssl = yes
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
}
