Hi Apollon,
You're right, I'm sorry. I used the same Dovecot SSL configuration from Debian 7 (which restricted some weak ciphers) which resulted in the same problems discussed in this bug. Reverting it to the defaults of Dovecot in Stretch made it work again. -- Kind regards, Kees de Jong | OpenPGP fingerprint: 0x0E45C98AB51428E6 On Mon, Sep 4, 2017 at 10:29 AM, Apollon Oikonomopoulos <apoi...@debian.org> wrote: > Hi, > > On 09:33 Sun 03 Sep , K. de Jong wrote: > > This bug affects also Debian stable (Stretch), is there any chance Debian > > will fix this? Or are these one of those things that won't be touched now > > Stretch is already released? > > No, to my understanding Stretch is not affected by this; this is easily > verifiable using: > > openssl s_client -connect localhost:143 -starttls imap -tls1 > > which works perfectly fine with openssl 1.1.0f-3 and dovecot > 1:2.2.27-3+deb9u1 in Stretch. > > > Dovecot is not working now. > > Please do not exaggerate. As far as I can tell dovecot is working for > everybody in Stretch and for the majority of users in testing/unstable. > That said, I'll see if we can get upstream to support a minimum TLS > version setting. > > Regards, > Apollon >
