Hi,
I have noticed problems with DOVECOT in mailcow version 2024-01a.
Probably there are problems with the support of older versions of TLS.
It is receiving a log:
pop3-login: Disconnected: Connection closed: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol (no auth attempts in 0 secs): user=<>, rip=XX.XX.XX.XX, lip=YY.YY.YY.YY, TLS handshaking: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol
In the data/conf/dovecot/extra.conf file I included:
ssl_min_protocol = TLSv1
disable_plaintext_auth=no
Interestingly, the parameter “disable_plaintext_auth=no” I had to specify in version 2024-01a, because some users could not connect to POP3.
I also notice that the logs show a different time than the other services. In dovecot it appears UTC time, while in the other services I see local time (in my case CET).
The current temporary “solution” is to reconfigure users from port from 995 to 110 without SSL.
I would like to maintain support for the old protocols until the end of 2024. However, the “ssl_min_protocol = TLSv1” parameter alone is not a solution.
Do you have any ideas to solve the problem?