Koozali.org: home of the SME Server
Contribs.org Forums => Koozali SME Server 10.x => Topic started by: sages on April 25, 2021, 11:10:04 AM
-
I can access my sme10rc1 email via imaps from my android phone ok. Outlook 2010 is refusing to connect. Is this potentially something to do with the increased security of ssl under sme10? Outlook 2013 is connecting ok to imaps.
If it is then I suspect that it isn't something I can sort out on the outlook side.
Yes, I know outlook 2010 is older but it is still supported and I have a legal license for it.
-
Update. After some serious neglect ( I left the win7 laptop on charge in the back room) for a few hours, it appears that outgoing emails are being stashed in my outlook outbox and failing to send. Deleting them allows outlook to receive email and update the various imap folders. Just can't send via outlook 2010 at the moment.
-
Support for Office 2010 ended on October 13, 2020 and there will be no extension and no extended security updates
https://support.microsoft.com/en-us/office/end-of-support-for-office-2010-3a3e45de-51ac-4944-b2ba-c2e415432789
for sending are you using port 25 or 465 ?
what are the qpsmtpd or sqpsmtpd logs saying?
there have not not that much changes except ciphers for smtp
-
https://jaapwesselius.com/2018/09/23/outlook-2010-disconnected-with-tls-1-2/
tls1.2 is a minimum now for all services.
if one is accepting connection then you might have db entry to enable tls 1.0 or 1.1
even 1.2 is about to become insecure so i suggest disabling older protocols if enabled.
-
There was no change to the outlook config. Only change was unplugging old sme9 and plugging in 10rc1 using retaining IP and server name.
I suspect the cipher settings or just a reboot of the win7 laptop. I'll update if/when I resolve it.
Comments noted re outlook out of support. Win10 sucks though.
-
first see the link in previous message it seems to show a procedure to enable properly tls1.2 for outlook 2010
default dovecot is
ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
ssl_prefer_server_ciphers = yes
ssl_cipher_list = ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
in other words no SSL and no TLS<1.2
check you did not do any changes in the following as they would modify ciphers/protocols for all or one service
# config show modSSL
# config show dovecot
# config show qpsmtpd
qpsmtpd is more liberal, because we prefer weak encryption than nothing on port 25
SSLv23:!SSLv2:!SSLv3
so able to receive but not to send is strange .....
I would have a check to the nuber of allowed session per ip for imap as default is pretty low
-
( I left the win7 laptop on charge in the back room)
And like it not, you don't need reminding that Win 7 support ended January 14, 2020.
It really is time to move on.
-
All comments re win7/outlook 2010 unsupported etc noted.
Looks like something around the auth ciphers is my issue
-
Undoing this https://wiki.koozali.org/Email#How_do_I_enable_smtp_authentication_for_users_on_the_internal_network
appears to have resolved the sending issue.