[Ach] New SSL config with Entourage email client
dan at dogsbodytechnology.com
Wed Nov 26 19:10:11 CET 2014
We after the initial rush to disable SSLv3 we've been slowly checking
the cipher list on our servers and services and switched the last one to
the bettercrypto.org recommendation which has worked great until now :-p
We obviously left the trickiest for last as we now have one customer
that can't access their email. This customer is using the Entourage
email client on MacOS.
Server - Scientific Linux (RedHat) 6.6 & Dovecot 2.2.15
Client - MacOS 10.6.8 && Entourage v12.3.6
We have gone through their local settings and can't see anything wrong
with their client and the maillog is just giving us...
dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>,
rip=######, lip=######, TLS handshaking, session=<######/>
This stopped working the exact time we changed the ciphers so this looks
like a cipher issue to me where the client has no ciphers in common with
Anyone know what ciphers Entourage uses and/or what I need to add to the
dovecot config to make it work again? :-/
I'd rather not go back to the default!
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
Thank you in advance
More information about the Ach