Hi *, The change in default SSL settings between 2.2 and 2.3 cut off a few clients; Microsoft-hosted Exchange (?) being one of them:
Jan 4 11:02:56 kremail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=40.101.4.hisip, lip=myip, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher, session=<8SGob/BhTdcoZQS1>
Explicitly setting ssl_cipher_list to the old defaults helped: ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL Does someone have an idea what to recommend to the poor user or should I accept that I stay with the old defaults ? The guy is cooperative, so we can find out which of the !'s in the new defaults actually breaks the connection... if you think it's worth. Thanks for your help, Jan
