Am 20.12.2014 um 20:46 schrieb Jeremy Harris:
What changed? Did the Exim version get updated, did the GnuTLS version get updated?
Nothing I suppose. This is a completely new server setup, with the config migrated and updated from a previous server. There were no major package updates in the past 3 weeks.
Possibly you've been caught by SSLv3 now being disabled by-default?
I have no idea. Actually I'd assume that Thunderbird should have current defaults. But I did have Thunderbird+Exim TLS issues in this setup before. I found some settings that should be changed for Thunderbird, related to tls version or so, and I did get it to work then. But it still worked without these changes, so I reverted them and didn't note what it was. Now it doesn't work again.
Actually I'd prefer a setup that doesn't require the user to modify hidden configuration settings in the MUA so that was just a quick hack to see if that comment I found was helpful.
But if I interpret the 'openssl s_client' output correctly, exim doesn't offer any certificate at all now. Is this is correct indication? How else could I verify that the server can handle SSL correctly? I don't want to test Exim and Thunderbird at the same time, that won't give me reliable results.
-- Yves Goergen http://unclassified.de http://dev.unclassified.de -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
