recent ssl update prevents alpine from sending email
Bug #1467204 reported by
Bruce Knapp
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Linux Mint |
New
|
Undecided
|
Unassigned | ||
Bug Description
I'm using Linux Mint 17.1 kde 64bit, but I suspect the problem affects anyone with an ubuntu distribution who uses alpine for mail. After installing the recent ssl update, any atempt to send mail with alpine fails ssl negotiations. I have another machine with the same distribution but without the update. It can send mail with alpine. Both use /ssl for the server.
| information type: | Private Security → Public |
Revision history for this message
| sordna (sordna) wrote | #1 |
To post a comment you must log in.
I ran into the same problem with Ubuntu 20.04 but the note in: /usr/share/
openssl (1.1.1d-2ubuntu2) focal; urgency=medium
The default security level for TLS connections was increased from
level 1 to level 2. This moves from the 80 bit security level to the
112 bit security level and will require 2048 bit or larger RSA and
DHE keys, 224 bit or larger ECC keys, SHA-2, TLSv1.2 or DTLSv1.2.
The system wide settings can be changed in
/etc/
the defaults.
In the default /etc/ssl/
CipherString. The CipherString can be used to set the security
level. Information about the security levels can be found in the
SSL_CTX_
found in ciphers(1ssl) and config(5ssl).
Changing back the defaults in /etc/ssl/
defaults can be by adding at the top of the file:
# System default
openssl_conf = default_conf
and adding at the bottom of the file:
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_
CipherString = DEFAULT:@SECLEVEL=1
It's recommended that you contact the remote site in case the defaults cause
problems.
-- Dimitri John Ledkov <email address hidden> Wed, 08 Jan 2020 17:17:41 +0000