DebianThis forum is for the discussion of Debian Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Coming from 10 years of Ubuntu I recently moved to Debian on my new laptop. Largely the transition was smooth, but I am struggling with my email setup.
I am using Debian testing on Thinkpad X201, have offlineimap from git (6.5.6.1-devel) and try to interrogate a local network imaps server running on Debian 3 (do not ask, not under my control).
Offlineimap works just fine as long as I do not use SSL. As soon as I use SSL I get a message "wrong version of SSL" and a long row of exceptions.
I tried prior to moving to the git version of offlineimap the debian package which is 6.3. It did not work on SSL either, hence the move.
Querying the server showed it was offering me TLS1/SSLv3, which is deprecated IIRC. I guess, but am unable to figure out that python-openssl (the library providing SSL to offlineimap) does not support SSL v3.
I will be back on the network I try to access in a few days, so I will not be able to report back before Friday or so.
Perhaps you could try installing Evolution, or Thunderbird. The installation process of these may ( should ) bring along whatever is needed for the latest ssl version, no ?
Just a thought.
Simply curious, but what exactly does offlineimap do for you that TB or Evolution could not ? Afer a quick glance at the website of offlineimap, I must be missing something. An IMAP server already does sync across multiple clients - so what is the attraction ?
I suggest you contact whoever administers the IMAP server and tell them about the serious security issues using SSL3. See for example https://www.debian.org/security/2014/dsa-3053 Regardless, Debian 3 is completely unsupported.
If the argument for not upgrading the server is along the lines of "this machine is on an internal network that is considered 'safe'" then I guess it would imply that SSL is not needed at all and therefore you don't need to use is. Note that I think this is a completely unsatisfactory approach.
If however you do need SSL, then you should not be using SSL3.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.