On 5 September 2017 at 19:15, Gene Heskett <ghesk...@shentel.net> wrote: > On Tuesday 05 September 2017 13:40:00 Michael Grant wrote: > >> I upgraded openssl today in my server running testing. It installed >> version 1.1.0f-5. To my surprise, my mac clients can no longer send >> and receive email! >> > As that is a security related upgrade, I would next push the Mac people > to match it, or if possible, configure the Macs to use the more secure > protocol.
Any clues how to configure the Mac to use the more secure protocol? All the software is up-to-date on the Mac side. I don't see any obvious option in any of the mail settings on the Mac side. This is the error I see in the mail logs for both dovecot and sendmail: dovecot: TLS handshaking: SSL_accept() failed: error:1417D102:SSL routines:tls_process_client_hello:unsupported protocol, session=<...> sendmail: STARTTLS=server: 0:error:1417D102:SSL routines:tls_process_client_hello:unsupported protocol:../ssl/statem/statem_srvr.c:974: I realize this isn't a MacOS forum but the error message here is on the Debian side. Other mail clients like Windows Mail connect fine. Is there something I can set on Debian side to force this newer openssl to accept older 1.x connections?
