[RCU] [SMTP, SSL] Roundcube 1.2.2 - never use TLSv1.2 and always fallback to TLSv1 when sends mail
pawel at lookasik.eu
Thu Nov 10 11:55:07 CET 2016
Yes, I'm pretty sure it's problem with RC - it uses TLSv1.2 for IMAP
connections but not for SMTP.
PHP is rather new (Debian 7):
PHP 5.4.45-1~dotdeb+7.1 (cli) (built: Sep 5 2015 00:21:03)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
> do you really think roundcube has it's own low-level TLS code?
> most likely you run outdated PHP
> Am 10.11.2016 um 11:02 schrieb Paweł Łukasik:
>> Roundcube always use TLSv1 for sending mail (used on same host as
>> mailserver with both RSA and ECDSA certs, ports 25 and 587). When I
>> disable all TLS/SSL versions except TLSv1.2 in Postfix config, I
>> send mails from Roundcube (SMTP Error: Authentication failure:
>> failed (Code: ) in /var/www/roundcube/program/lib/Roundcube/rcube.php
>> line 1649 (POST
>> ) but can from desktop/mobile client.
>> Connection from Roundcube to IMAP server is always use TLSv1.2,
>> servers (i.e. GMail) connect with TLSv1.2.
>> What could cause this behaviour? Is it possible to force TLSv1.2 for
Pozdrawiam, Paweł Łukasik
More information about the users