2013/10/15 Ben Stover <[email protected]>: > When I try to connect to one of my mailboxes I get a return: > > SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong > version number > Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket > > What does that mean? > > in stunnel.conf I set the global parameter: > > options = NO_SSLv2 > > This works in general. But for the mentioned email provider it could mean > that he allows only SSLv2. > Is this the reason? > > Where is described what is inscure at SSLv2? > > How can I allow for that particular email provider SSLv2 but disallow for all > others?
It is extremely unlikely that this has anything to do with SSLv2. SSLv2 is so old that there are practically no services in the Internet that support only it (however some do allow SSLv2 in addition to newer ones). Some of the most important SSLv2 flaws are explained on Wikipedia: http://en.wikipedia.org/wiki/Secure_Sockets_Layer#SSL_2.0 What stopped you from temporarily removing the global option and verifying if this has anything to do with SSLv2? Most probably it still will not work (the "SSL3_GET_RECORD:wrong version number" message is misleading usually). -- Janusz Dziemidowicz _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
