Hello Dmitry, On Fri, Sep 12, 2014 at 11:17:59AM +1000, Dmitry Smirnov wrote: > Package: icedove > Version: 31.0-3 > Severity: serious > > Today I upgraded icedove 24.7.0-1~deb7u1 to 31.0-3 and immediately lost > ability to send messages (connection security: STARTTLS): > > connection to SMTP server was lost in the middle of the transaction.
can you please make some logs about the activity of Icedove (after you have checked the points following)? https://wiki.debian.org/Icedove#Debugging_Icedove_Activity Please check also the Error Console inside Icedove (Ctrl+Shift+j). BTW: You really mean 24.7.0? This version is only available via stable-security! Which distribution you are running on? > Luckily I have access to server log where exim4 4.80-7 logged the following: > > TLS error on connection from [...] > (gnutls_handshake): Could not negotiate a supported cipher suite. > > Downgrading icedove back to 24.7.0-1~deb7u1 fixed the problem. There are several bugs around this error message that mostly related to GNUtls (on the server side). For example https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921 What cipher suite is configured inside the exim configuration? Please also read this article to see which cipher suite Mozilla is supporting https://wiki.mozilla.org/Security/Server_Side_TLS What kind of CA you are using? If it is a md5 signature you have to use an other not md5 hashed certificate. Do you have checked your settings for security.tls.version.min and security.tls.version.max? The *.min should be 0 and *.max should be 3, if not your client will not support all version for SSL/TLS. http://kb.mozillazine.org/Security.tls.version.* I strongly believe this report is not a Icedove/Thunderbird related problem. Regards Carsten -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
