after upgrade to 3.2, notes stoped sync between server and macbook, iPhone work perfect. if I restore dovecot.conf, from 3.1.15 sync begin work in all devices. How to solve this problem?
comment this lines # ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-$ # ssl_prefer_server_ciphers = no and min tls v 1 and all begin sync. is it safe??
Did you reconfigure services on update? It could be that TLSv1 or TLSv1.1 was used. TLSv1 and TLSv1.1 do not work in 3.2 because there are no ciphers for them in the Postfix config. You can add them: Code: nano /etc/postfix/main.cf And then replacing Code: tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 tls_preempt_cipherlist = no with Code: tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA tls_preempt_cipherlist = yes This will be fixed in 3.2.1 aswell.
yes of course in dovecot.conf should I change some thing? because noting happened after postfix change
My bad, I was too quick Quite some users have TLS issues with Postfix so most email related issues are fixed by that. Which version of MacOS is on your macbook and which email client do you use?
macOS Mojave there is no problem with email, problem with notes.app and ssl 1.2 and chippers as I think, I write earlier how I solve problem, but I don’t know is it safe or not?
TLSv1 and TLSv1.1 are being phased out. It is ofcourse better to leave them disabled. The reason that I am asking about your OS is that older version might not support TLSv1.2+, but MacOS 10.14 should support TLSv1.2. You could try setting TLSv1.2 as minimum, leave the ssl_cipher_list commented out, but re-enable ssl_prefer_server_ciphers. Maybe that would work.
ssl_min_protocol = TLSv1.2 #ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA$ ssl_prefer_server_ciphers = no/yes doesn't work (((
it is old tls I try to find solution how to use 1.2-1.3, ispconfig begin use them, very strange that macOS doesn't work with it, mail.app can, notes.app not
I would first check if there's an update available for notes, and if not / that doesn't solve it, update. (And even if it works, upgrading is a good idea ofcourse)
