On Fri, 12 Sep 2014 19:39:30 Carsten Schoenert wrote: > can you please make some logs about the activity of Icedove (after you > have checked the points following)? > https://wiki.debian.org/Icedove#Debugging_Icedove_Activity > > Please check also the Error Console inside Icedove (Ctrl+Shift+j).
Thanks for helpful hints but I couldn't spot anything useful in MCE log or in error console... > BTW: You really mean 24.7.0? Yes, this is correct. > This version is only available via > stable-security! Which distribution you are running on? I noticed the problem following upgrade to "testing" on amd64. When it became obvious that Icedove can't be used any more I downgraded it to the latest available version which happened to be the exact version I was using before upgrade... > There are several bugs around this error message that mostly related to > GNUtls (on the server side). For example > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921 I'm not 100% sure but from the brief look it appears to be a different problem... > What cipher suite is configured inside the exim configuration? I'm not sure where to find this information... Whatever cipher settings are they would be default for Wheezy. As far as I'm aware there were no cipher customisations on server side. > Please also read this article to see which cipher suite Mozilla is > supporting > https://wiki.mozilla.org/Security/Server_Side_TLS Thanks but I know little about TLS and I don't understand how it can be helpful in my case... > What kind of CA you are using? If it is a md5 signature you have to use > an other not md5 hashed certificate. cacert.org. Certificate: Data: Version: 3 (0x2) Signature Algorithm: sha512WithRSAEncryption Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) > Do you have checked your settings for security.tls.version.min and > security.tls.version.max? The *.min should be 0 and *.max should be 3, > if not your client will not support all version for SSL/TLS. > http://kb.mozillazine.org/Security.tls.version.* Where are those settings? Anyway I've never touched them... > I strongly believe this report is not a Icedove/Thunderbird related > problem. I disagree. Otherwise how would you explain why downgrade of icedove fixed the problem? If icedove from Jessie can't talk to SMTP server on Wheezy it is a serious regression on the client side i.e. in the Icedove. -- All the best, Dmitry Smirnov. --- Without doubt you are not sane. -- Tage Danielsson
signature.asc
Description: This is a digitally signed message part.
