On Fri, May 07, 2021 at 01:42:52AM +0200, Markus Julen wrote: > Hi all! > > Having just moved a small "outgoing only" mailserver to 6.9, I started to > receive error messages: > > > 80008bb60b9428ed smtp connected address=X.X.X.X host=z.z.z > > 80008bb60b9428ed smtp disconnected reason="io-error: handshake failed: > > error:1402610B:SSL routines:ACCEPT_SR_CLNT_HELLO:wrong version number" > > No filters, nothing, just plain smtpd. 6.8 worked flawlessly. > > Has anyone managed to tweak the "cipher" option to the "listen" directive? > Any other options to try? > > Telling everyone to upgrade their mail client is probably no option as of > now...
Hello. Have a look at the tls_config_set_protocols(3) manpage for the protocols and ciphers options. You can try with something like: listen on ... tls protocols "legacy" ciphers "compat" Eric.