ICS v8 has been updated to support OpenSSL 1.0.2a and 1.0.1m, which include
various security advisory fixes.  

The changes and OpenSSL zips may be downloaded from the SVN repository or the
overnight zip file at:


These SMPT and POP3 mail components now both support the IcsLogger.

I added the logger to try and find out why I could no longer collect email from
Hotmail/Live at pop3.live.com after updating to OpenSSL 1.0.2 which appears to
be because it used very old ciphers.  

SSL Connected OK with TLSv1, cipher RC4-MD5, key exchange RSA, encryption
RC4(128), message authentication MD5

No idea why Microsoft uses such old ciphers, whereas Google goes out of it's
way to use the latest ciphers, as does Windows 2012. 

Fortunately, this transpires to be a limitation of OpenSSL 1.0.2, not an ICS
bug, and is unchanged in 1.0.2a.  I found users of other applications with a
similar problem, although one solution found is to set SslVersionMethod :=
sslTLS_V1_CLIENT; to force TLSv1 instead of starting with TLSv1.2.  

Alternatively if support for older ciphers is important, stick to 1.0.1m which
still works OK.


To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to