notes doesn't sync anymore

Discussion in 'Installation/Configuration' started by Nikolay Orlov, Oct 26, 2020.

  1. Nikolay Orlov

    Nikolay Orlov New Member

    after upgrade to 3.2, notes stoped sync between server and macbook, iPhone work perfect. if I restore dovecot.conf, from 3.1.15 sync begin work in all devices. How to solve this problem?
     
  2. Nikolay Orlov

    Nikolay Orlov New Member

    comment this lines
    # ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-$
    # ssl_prefer_server_ciphers = no
    and min tls v 1
    and all begin sync. is it safe??
     
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you reconfigure services on update?

    It could be that TLSv1 or TLSv1.1 was used. TLSv1 and TLSv1.1 do not work in 3.2 because there are no ciphers for them in the Postfix config. You can add them:
    Code:
    nano /etc/postfix/main.cf
    And then replacing
    Code:
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
    tls_preempt_cipherlist = no
    with
    Code:
    tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
    tls_preempt_cipherlist = yes
    This will be fixed in 3.2.1 aswell.
     
    Last edited: Oct 26, 2020
  4. Nikolay Orlov

    Nikolay Orlov New Member

    yes of course
    in dovecot.conf should I change some thing? because noting happened after postfix change
     
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    My bad, I was too quick ;) Quite some users have TLS issues with Postfix so most email related issues are fixed by that.

    Which version of MacOS is on your macbook and which email client do you use?
     
  6. Nikolay Orlov

    Nikolay Orlov New Member

    macOS Mojave there is no problem with email, problem with notes.app and ssl 1.2 and chippers as I think, I write earlier how I solve problem, but I don’t know is it safe or not?
     
  7. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    TLSv1 and TLSv1.1 are being phased out. It is ofcourse better to leave them disabled. The reason that I am asking about your OS is that older version might not support TLSv1.2+, but MacOS 10.14 should support TLSv1.2.

    You could try setting TLSv1.2 as minimum, leave the ssl_cipher_list commented out, but re-enable ssl_prefer_server_ciphers. Maybe that would work.
     
  8. Nikolay Orlov

    Nikolay Orlov New Member

    ssl_min_protocol = TLSv1.2
    #ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA$
    ssl_prefer_server_ciphers = no/yes
    doesn't work (((
     
  9. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Alright, try enabling TLSv1.1 but keep ssl_prefer_server_ciphers on, see if that works.
     
  10. Nikolay Orlov

    Nikolay Orlov New Member

    it is old tls I try to find solution how to use 1.2-1.3, ispconfig begin use them, very strange that macOS doesn't work with it, mail.app can, notes.app not
     
  11. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    You might want to consult Apple on this. Maybe with Catalina (10.15) Notes will work properly?
     
  12. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you check in the app store that everything is up to date?
     
  13. Nikolay Orlov

    Nikolay Orlov New Member

    try to update Mac to Catalina and then look on it )))
     
  14. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I would first check if there's an update available for notes, and if not / that doesn't solve it, update. (And even if it works, upgrading is a good idea ofcourse)
     
  15. Nikolay Orlov

    Nikolay Orlov New Member

    update to Catalina solve problem, thank you very mach
     
  16. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Good to hear, no problem :)

    Remember to change the dovecot config back to the defaults
     

Share This Page