Hy Phil,
actually the Android device runs on CyanogenMod M11 with Android 4.4.4 and K9 5.001.
The latest release notes from K9 stated the support for TLS and with Exim4 from Ubuntu 12.04 the connections were made with TLS, as i could see in the logs.
Since yesterdays upgrade to Ubuntu 14.04 with Exim 4.82 I can't connect with this specific client.
Changing chipers to NORMAL or NONE didn't help.
Salsauthd was also upgraded, so I think I have to take a look there also.
I'll report any further changes.
Thank you and kind regards,
elrippo
Am 29. Oktober 2014 07:04:36 MEZ, schrieb Viktor Dukhovni <exim-users@???>:
>On Wed, Oct 29, 2014 at 05:06:32AM +0000, Phil Pennock wrote:
>
>> > > Which clients are you trying to use?
>>
>> > The Only chiphers that works, is "tls_require_ciphers expands to
>SECURE256:!VERS-SSL3.0"
>> > But now i am getting trouble with a client software saying, that it
>could not negotiate a proper chipher suite.....
>> >
>> > "TLS error on connection from android.mywireless [192.168.xxx.xxx]
>(gnutls_handshake): Could not negotiate a supported cipher suite"
>>
>> Okay, that gets us a little closer to answering the question which
>was
>> asked, which was "which clients are you trying to use".
>>
>> I think that you're using Android 2.2 or older, so you don't have TLS
>> support. Thus you can't disable SSLv3 in the servers you care about.
>> For HTTPS, this is a severe problem, for SMTP it's not (yet).
>
>Also possible that "SECURE256" is simply too restrictive, and the
>peer does not support ciphersuites that strong. What's wrong with
>"NORMAL:!VERS-SSL3.0"? Surely if "SECURE256" is understood, "NORMAL"
>is likely to prove more interoperable.
>
>--
> Viktor.
>
>--
>## List details at https://lists.exim.org/mailman/listinfo/exim-users
>## Exim details at http://www.exim.org/
>## Please use the Wiki with this list - http://wiki.exim.org/
--
