On Fri, Sep 01, 2017 at 09:01:29AM +0100, Julian Gilbey wrote: > On Fri, Aug 11, 2017 at 08:20:38AM +0200, Evgeni Golov wrote: > > isync/mbsync defaults to use TLSv1, which was recently disabled in Debian > > [1]. > > This results in funny errors when trying to use mbsync now: > > Socket error: secure connect to mail.die-welt.net (81.7.13.250:143): > > error:141640BF:SSL routines:tls_construct_client_hello:no protocols > > available > > > > Please don't hardcode any TLS defaults, let OpenSSL use whatever it knows > > is best. > > > > Tempted to add a "security" tag. > > I wonder whether this should be a "serious" bug: it makes the package > unusable whenever a mailbox has an SSL handshake.
Well, the workaround is kinda trivial, just add: SSLVersions TLSv1.2 to your config. And there is no data leakage/corruption/loss. What do the maintainers think?