I'm now using STARTTLS and it looks like I'm having some issues. I will first describe the configuration I have:
-hMailServer 5.5B2074
-STARTTLS enabled as optional on ports: 25, 143 and 587
-Using a valid wildcard certificate.
-Checked the 'Use STARTTLS if available' box in the SMTP options.
-Using a cipher list recommended by Mozilla in the security box:
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK;
The problems are the following:
-Sometimes I receive the error 335544539, described as short read, when attempting to establish the SSL handshake; perhaps the handshake timeout is set too low.
-Mails from and to Gmail are received and sent correctly using the ECDHE cipher, but mails from and to Outlook or Hotmail do not use the TLS connection.
-In the logs, the mails from iCloud are not received over TLS because there's no shared cipher, but I don't know which cipher they tried to use. Could we have in the logs the cipher they tried to use and also the ones they used when establishing the connection correctly?
Thank you all for the great work you're doing. Cheers.
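
On the last point, the suites a remote server offers are listed in the ClientHello it sends after STARTTLS, so a packet capture of a failed session shows them even when the server log does not. The following is an added example, not part of the original post and not hMailServer code; the function names, the name table and the sample bytes are constructed for illustration, and it assumes the ClientHello fits in a single TLS record.

```python
import struct

# Subset of IANA cipher suite IDs mapped to OpenSSL names (chosen for this example).
SUITE_NAMES = {
    0xC02F: "ECDHE-RSA-AES128-GCM-SHA256", 0xC030: "ECDHE-RSA-AES256-GCM-SHA384",
    0xC013: "ECDHE-RSA-AES128-SHA", 0x0005: "RC4-SHA", 0x000A: "DES-CBC3-SHA",
}
# A few names taken literally from the cipher string in the post (assumed enabled).
SERVER_SUITES = {"ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384",
                 "ECDHE-RSA-AES128-SHA", "RC4-SHA"}

def offered_suites(record: bytes) -> list:
    """Return the cipher suite IDs listed in a raw TLS ClientHello record."""
    try:
        ctype, _version, rec_len = struct.unpack_from("!BHH", record, 0)
        body = record[5:5 + rec_len]
        if ctype != 0x16 or len(body) != rec_len or body[0] != 0x01:
            raise ValueError("not a complete ClientHello record")
        hello = body[4:4 + int.from_bytes(body[1:4], "big")]
        pos = 2 + 32                      # skip client_version and random
        pos += 1 + hello[pos]             # skip session_id
        (cs_len,) = struct.unpack_from("!H", hello, pos)
        pos += 2
        if cs_len % 2 or pos + cs_len > len(hello):
            raise ValueError("bad cipher_suites length")
        return [struct.unpack_from("!H", hello, pos + i)[0] for i in range(0, cs_len, 2)]
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated ClientHello") from exc

def describe(record: bytes, server=SERVER_SUITES):
    """Return (offered names, names also enabled on the server)."""
    offered = [SUITE_NAMES.get(s, f"0x{s:04X}") for s in offered_suites(record)]
    return offered, [name for name in offered if name in server]

def sample_hello(suites) -> bytes:
    """Build a constructed ClientHello (zero random, no session id, no extensions)."""
    cs = b"".join(struct.pack("!H", s) for s in suites)
    hello = b"\x03\x01" + bytes(32) + b"\x00" + struct.pack("!H", len(cs)) + cs + b"\x01\x00"
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

if __name__ == "__main__":
    # Constructed inputs, not taken from any real provider's traffic.
    print(describe(sample_hello([0x000A, 0x0004])))   # nothing in common with the server
    print(describe(sample_hello([0xC02F, 0x0005])))   # both suites are shared
```

An empty second list is the "no shared cipher" case; IDs missing from the small name table are printed in hex so they can be looked up in the IANA registry.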