[Bug 251327] mail/thunderbird fails to connect over ssl/tls
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Nov 25 10:13:21 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251327
Christoph Moench-Tegeder <cmt at freebsd.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|New |Closed
Resolution|--- |Works As Intended
--- Comment #5 from Christoph Moench-Tegeder <cmt at freebsd.org> ---
(In reply to Shane from comment #3)
> I have changed the server name to mail.superb.net
Aha. Checking that with openssl, I get, among others:
- "Protocol : TLSv1"
- "Peer signing digest: MD5-SHA1"
or, when doing it right[tm]: "openssl s_client -no_ssl3 -no_tls1 -no_tls1_1
-connect mail.superb.net:995" yields "unsupported protocol".
May I suggest that your email provider is really behind the curve with their
TLS configuration? Not offering TLSv1.2 is so... 2010?
Anyways, Mozilla disabled TLS 1.0 and 1.1 in the 78 versions, see release notes
at https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/ .
You could use config settings security.tls.version.enable-deprecated and/or
security.tls.version.min/max to re-enable the old protocols. Please note: THIS
IS NOT A RECOMMENDED CONFIGURATION. There's (only slightly outdated)
documentation on these settings in
http://kb.mozillazine.org/Security.tls.version.* (I can only hope that you
don't have any problems with completely unimplemented ciphers or similar, but
in the end you really need to talk to your mail host provider).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-gecko
mailing list