Outlook error with pop3 ssl port 995

trix.hosting

Verified User
Joined
Jun 21, 2016
Messages
67
Location
Tucuman - Argentina
I have error retrivieng and connecting from outlook with ssl enable, port 995 pop3 account.

this happend after dovecot 2.3.2 update.

my clients still use outlook 2007. please help, i have error with wrong autenticate protocol. when retrivieng emails. if i disable ssl and config port to 110 its work.
 
Hello,

Adjust settings in /etc/dovecot/conf/ssl.conf to fit your needs

it has the option:

Code:
ssl_min_protocol = TLSv1.1

which disables everything lower than TLS 1.1, and copy it after all to /usr/local/directadmin/custombuild/custom/dovecot/conf/ssl.conf

related: https://help.directadmin.com/item.php?id=571
 
Can that also be made a system default like with TLSv1.0 for http?

Edit: Just checked, on the newer custombuild versions that is already done:
ssl_min_protocol = TLSv1.1
 
can you point me about the correct configuration to outlook works?

or the previus ssl.conf file to make corrections to outlook 2007 works?
 
Last edited:
What do you mean? You don't need to change anything in Outlook.

Just go via SSH to what zEitEr said, change the config line in ssl.conf and restart Dovecot. Then your Outlook 2007 clients should be able to connect again like they did before, without need for change in the Outlook client itself.
 
i have copy the file to the desire location anda restart dovecto, still not working, I have this in /custom/dovecot/conf/ssl.conf

ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key
ssl_dh = </etc/dovecot/dh.pem

ssl_min_protocol = TLSv1.1
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
 
Check public information in internet on what SSL/TLS versions the OutLook 2007 supports, I believe it might work under TLS v.1.0, so try it.
 
I have this in /custom/dovecot/conf/ssl.conf
Do you also have that in /etc/dovecot/conf/ssl.conf?

If yes and still not working, can you check /var/log/maillog, /var/log/exim/mainlog and /var/log/exim/rejectlog for entry's when the connection error occurs?
 
If your clients updated their office package via windows update KB3140245, outlook 2007 should support tls v1.1 and 1.2.
It's also possible to do it via registry entries, but I would not advise to let customers change registry entries themnselves.
 
the custom folder is used to protect your changes from being lost after an update done with the help of custombuild, none service loads configs from the directory under custombuild.
 
in /etc/dovecot/conf/ssl.conf

ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key
ssl_dh = </etc/dovecot/dh.pem

ssl_min_protocol = TLSv1.1
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

in /usr/local/directadmin/custombuild/custom/dovecot/conf/ssl.conf

ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key
ssl_dh = </etc/dovecot/dh.pem

ssl_min_protocol = TLSv1.0
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

restarted dovecot still now working

That is right?
 
./build dovecot does not update dovecot configs, you need to run ./build dovecot_conf
 
i have run ./build dovecot_conf and still not working for outlook. Do you have old ssl.conf values before 2.3.2 update?

I have found it
its

ssl_min_protocol = TLSv1

instead

ssl_min_protocol = TLSv1.0

thank you now it's working
 
Back
Top