[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: testing, upgrade of openssl libssl1.1 ( 1.1.0f-3 => 1.1.0f-4 )

On 5 September 2017 at 19:15, Gene Heskett <gheskett@shentel.net> wrote:
> On Tuesday 05 September 2017 13:40:00 Michael Grant wrote:
>> I upgraded openssl today in my server running testing.  It installed
>> version 1.1.0f-5.  To my surprise, my mac clients can no longer send
>> and receive email!
> As that is a security related upgrade, I would next push the Mac people
> to match it, or if possible, configure the Macs to use the more secure
> protocol.

Any clues how to configure the Mac to use the more secure protocol?
All the software is up-to-date on the Mac side.  I don't see any
obvious option in any of the mail settings on the Mac side.

This is the error I see in the mail logs for both dovecot and sendmail:

TLS handshaking: SSL_accept() failed: error:1417D102:SSL
routines:tls_process_client_hello:unsupported protocol, session=<...>

STARTTLS=server: 0:error:1417D102:SSL

I realize this isn't a MacOS forum but the error message here is on
the Debian side.  Other mail clients like Windows Mail connect fine.

Is there something I can set on Debian side to force this newer
openssl to accept older 1.x connections?

Reply to: