On Sat, Oct 27, 2018 at 11:51:15PM +0200, Kurt Roeckx wrote: ... > That server only supports TLS1, and is using a 1024 bit DHE key. > > I suggest you talk to the adminstrator to upgrade that server so > that at least TLS 1.2 is supported. > > As workaround you can change /etc/ssl/openssl.cnf. At the end of > the file it has: > MinProtocol = TLSv1.2 > CipherString = DEFAULT@SECLEVEL=2 > > It should work again if you change that to: > MinProtocol = TLSv1 > CipherString = DEFAULT@SECLEVEL=1 > > It could be that you can also configure some of that in getmail, > in which case I would recommend that you configure it there.
ok, thanks, i'll look into those if i have to, in the mean time i've asked the ISP what the plans were for TLSv1.2 and i've passed along that other link for the information so perhaps they can fix some of the other issues. i don't have high expectations given the setup, but we'll see. thanks again, ant
