Closed Bug 1246144 Opened 8 years ago Closed 8 years ago

Thunderbird 38.5.1 issue SSL3 ssl_error_no_cypher_overlap - unable to send email.

Categories

(Thunderbird :: Untriaged, defect)

Product:
Thunderbird
Component:
Untriaged
Version:
38 Branch
Platform:
x86
Windows 10
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: u534134, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
Build ID: 20160123151951

Steps to reproduce:

https://support.mozilla.org/en-US/questions/1108183

Thunderbird are able to send email from my domain addresses if in my VPS (where is managed email of my domain) in exim.conf there are this:

tls_require_ciphers = ALL:HIGH:MEDIUM:+TLSv1.1:+TLSv1.2:!SSLv2

without :!SSLv3 at the end but this make my server vulnerable to the POODLE SSL3 

so I putted in my exim.conf

tls_require_ciphers = ALL:HIGH:MEDIUM:TLSv1.1:+TLSv1.2:!SSLv2:!SSLv3

this will secure my server and not allow SSL3 but Thunderbird with that stop to send email on Thunderbird.

Continue to work well on my Smarphone Android with TypeApp or with Outlook where I AM able to send email correctly, just only Thunderbird not work if I Disable SSL 3.

How to fix? I can't remove !SSLv3 from the string because safety is the first point.
What is wrong with Thunderbird, why not use the TLSv1.1 or TLSv1.2 and send emails?


Actual results:

Email of my server can't be sent from Thunderbird.
Error on console: ssl_error_no_cypher_overlap

Is strange because other email software works fine. Issue seems just with Thunderbird.


Expected results:

See my email delivered, sent from Thunderbird without error.
Severity: normal → critical
OS: Unspecified → Windows 10
Hardware: Unspecified → x86
Please see also the TOPIC here:
https://support.mozilla.org/en-US/questions/1108183

And read also here:
https://support.mozilla.org/en-US/questions/1108183?page=2



christ1 said

    https://lists.exim.org/lurker/message/20141017.093614.e5c38176.en.html 

Thank you,
if I put " openssl_options = +no_sslv2 +no_sslv3" is not recognized by exim, if I put "tls_require_ciphers = NORMAL:!VERS-SSL3.0" Thunderbird is unable to send message also Outlook with this so is better mine line where alow TLSv1.1

I found also other articles like here:
http://www.systemajik.com/blog/disabling-sslv3/

But also with "tls_require_ciphers = SECURE128:-VERS-SSL3.0" Thunderbird are unable to send message.

Seems Thunderbird are unable to use TLS. I don't know.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.