Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

After update to 38.1.0 I get - ssl_error_handshake_unexpected_alert

  • 7 antwurd
  • 2 hawwe dit probleem
  • 1 werjefte
  • Lêste antwurd fan christ1

more options

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password

After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert

On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems.

So now I can check my mail only without "Connection Security" and at port 110.

Please stop doing it :( New update - new problems :(

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems. So now I can check my mail only without "Connection Security" and at port 110. Please stop doing it :( New update - new problems :(

Bewurke troch booya op

Keazen oplossing

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation

Dit antwurd yn kontekst lêze 👍 1

Alle antwurden (7)

more options
more options

christ1 said

Can you post a screenshot of the error? http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem

Sure, but I have a russian ver. of Thunderbird. Sorry.

So when I'm not using any SSL-coonection (first part of a screenshot), TB can check mail and error log is clean. But with SSL (second part), log says about an error during connection to a server and:

SSL peer was not expecting a handshake message it received. (Error code: ssl_error_handshake_unexpected_alert)

Thank you!

Bewurke troch booya op

more options
more options

Thank you for the answer and for the links.

So how can I solve the problem?

Now I have 38.3.0 and on another PC still 31.2.0. So I'm still using PO3 at 110 port without any SSL and on 31.2.0 I can use port 995 and SSL/TLS. Mail server is the same.

Bewurke troch booya op

more options

You should talk to your email provider. My best guess is their server configuration is screwed. Or find a new provider where you can use SSL/TLS properly.

more options

My email privider answered me:

I have to set security.tls.version.fallback-limit = 1

I did it and it works, but now I have to press F5 (to check mail) twice.

I think my provider will not change anything about it and I will find another one, but my friend have 2000 visiting cards with with buggy provider...

I have another question - I've registered mail server at another provider (it's mine domainm, but mail server not) and now I can see:

server does not support RFC 5746, see CVE-2009-3555

when sending messages (SSL/TLS, 465 port, Normal Password). Is that bad?

Is it better anyway than my previous provider? At least it's mine domain and I can change provider when I want.

Thank you!

Bewurke troch booya op

more options

Keazen oplossing

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation