A mail from mailcow is bounced by a receiving server with the message “Cannot start TLS: handshake failure”.
The technician says that the mailcow is offering only TLS 1.3, but their receiving server only supports TLS 1.2.
But our mailcow (mail1.traperto-hosting.com) has TLS 1.2 and TLS 1.3 active.
I checked the cipher of both servers: while our mailcow offers “TLS_AES_256_GCM_SHA384 ECDH 253”, the receiving server has “TLS_AES_256_GCM_SHA384 ECDH 256”.
Could these different curves be the reason for the failure?
Is my mailcow somehow misconfigured, as it uses the “ECDH 253” curve?
I tried to change the ciphers/curves in the extra.cf and main.cf, but failed because of the automatic rewrite of this file. It would be awesome if the mailcow could support both curves.