Hello, today I suddenly started to see log lines telling me "A TLS fatal alert has been received.: Insufficient security".
The thing is, that it as far as I can see only happens when receiving messages from the German mail provider GMX. I can send messages to them, I also can send mails from GMX to my other accounts at other mail providers and transmission happens TLS encrypted (using the same ciphers). I also still receive mails over TLS encrypted links from other mail providers. The interesting part of the communication is as follows: gnutls_handshake was successful TLS: checking peer certificate TLS certificate verified: peerdn="C=DE,O=1&1 Mail & Media GmbH,ST=Rhineland-Palatinate,L=Montabaur,CN=mout.gmx.net" cipher: TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 Have channel bindings cached for possible auth usage. TLS active gnutls_record_recv(0x55de099705b0, 0x55de09d526d0, 4096) GnuTLS<3>: ASSERT: record.c[record_add_to_buffers]:787 GnuTLS<3>: ASSERT: record.c[record_add_to_buffers]:794 GnuTLS<3>: ASSERT: record.c[_gnutls_recv_in_buffers]:1328 GnuTLS<3>: ASSERT: record.c[_gnutls_recv_int]:1473 tls_refill: err from gnutls_record_recv( LOG: MAIN TLS error on connection from mout.gmx.net [212.227.17.22] (recv): A TLS fatal alert has been received.: Insufficient security LOG: smtp_connection MAIN SMTP connection from mout.gmx.net [212.227.17.22] lost D=0s child 4244 ended: status=0x100 normal exit, 1 I didn't upate anything the last days. I'm using Exim 4.92-7~bpo9+1 from Debian with GnuTLS 3.5.8-5+deb9u4. I had hopes I could learn from Marc Merlins issue, but after some similarity for starters it seems to be something different and I'm at a loss. Regards, Arno -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/