Heads up on courier "SSL3_GET_RECORD:wrong version number" problem

[corona]

Hi,
In the process of setting this server up, I've had numerous problems with SSL, some my fault, some software's fault.

A big one that seems to be going round is a while series of errors in /var/log/mail.log

couriertcpd: couriertls: connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

Most mail clients seem to ignore the problem so it doesn't affect everyone, just some users. The problem seems to be fixed by changing to config files /etc/courier/imapd-ssl and  /etc/courier/pop3d-ssl to make

TLS_PROTOCOL=SSL23
TLS_STARTTLS_PROTOCOL=SSL23

I've done this on my server by modifying the files and the eBox templates at
/usr/share/ebox/stubs/mail/imapd-ssl.mas
/usr/share/ebox/stubs/mail/pop3d-ssl.mas

and the problem seems to be fixed. Hopefully this can help others, and possibly be a change in future version of eBox, if this is a right fix for the problem.

Some references:
http://groups.google.com/group/mailing.unix.courier-imap/browse_thread/thread/ea56f60bbca15d05?pli=1
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg391801.html
http://www.flamingspork.com/blog/2007/10/18/everything-thats-wrong-and-right-with-ubuntu-gutsy/

Regards,
Andrew