Topics

1

Installation and Upgrades / Zentyal 7.1 how to get TLS1.1 back?

« on: October 17, 2023, 07:44:24 am »

Old school Windows XP mail clients like Outlook Express can't connect to server due TLS1.2 as minimal required security level.

Tried to lower minimum TLS level in dovecot in
/etc/dovecot/conf.d/10-ssl.conf by

Code: [Select]

ssl_min_protocol = TLSv1.1
also set in /etc/ssl/

Code: [Select]

[ default_conf ]
ssl_conf = ssl_sect

[ ssl_sect ]
system_default = system_default_sect

[ system_default_sect ]
MinProtocol = TLSv1
# Be less secure when negotiating ciphers, verifying certificates, etc.
CipherString = DEFAULT@SECLEVEL=1

After restarting dovecot still got ssl error

Code: [Select]

openssl s_client -connect my.server.com:995 -tls1_1
CONNECTED(00000003)
4057F8C89C7F0000:error:0A0000BF:SSL routines:tls_setup_handshake:no protocols available:../ssl/statem/statem_lib.c:104:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 7 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

When I try to lower TLS at postfix config having same behavior on 465 port.

Is Zentyal has specific TLS settings?

2

Email and Groupware / Mail alias for multiple external recipients

« on: September 27, 2023, 11:05:18 am »

Zentyal 7.1 installed.

I need to make mail alias like alias@my.zentyal.com which redirect incoming messages to multiple recipients list like: user1@my.zentyal.com, user1@gmail.com, someone@else.com

How can I do this?