I turned off all TLS protocols EXCEPT for TLSv1.2
Something strange has happened
I have an IP camera from a former client that tries to tell me that it's hard drive is full every hour or so. It tries to use SSLv3.0, which I haven't accepted for over a year (when I lost that client)
This is with both TLSv1.0 and TLS v1.2 enabled
Code: Select all
"DEBUG" 2876 "2018-11-08 11:29:03.484" "TCP connection started for session 2538"
"DEBUG" 2876 "2018-11-08 11:29:03.484" "Performing SSL/TLS handshake for session 2538. Verify certificate: False"
"TCPIP" 12644 "2018-11-08 11:29:03.484" "TCPConnection - TLS/SSL handshake failed. Session Id: 2538, Remote IP: xxx.xxx.xxx.xxx, Error code: 336109835, Message: wrong version number"
"DEBUG" 12644 "2018-11-08 11:29:03.484" "Ending session 2538"
Code: Select all
"DEBUG" 2616 "2018-11-08 10:39:13.856" "TCP connection started for session 2360"
"DEBUG" 2616 "2018-11-08 10:39:13.856" "Performing SSL/TLS handshake for session 2360. Verify certificate: False"
"TCPIP" 6352 "2018-11-08 10:39:13.856" "TCPConnection - TLS/SSL handshake failed. Session Id: 2360, Remote IP: xxx.xxx.xxx.xxx, Error code: 336027900, Message: unknown protocol"
"DEBUG" 6352 "2018-11-08 10:39:13.856" "Ending session 2360"
I've also found that my POP3 External Downloads use TLSv1.0 if it is available, but switch up to TLSv1.2 if that is all that is available. Perhaps hmailserver should try the strongest encryption first
( I had to turn TLSv1.0 back on, as I noticed that a single sender hadn't retried a better security protocol, the sender is Australian Tax Office, and I think that they are trying to send me their regular newsletter)