
<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div><blockquote type="cite" class=""><div class="">On 10 Jul 2015, at 10:08, Jules Field &lt;<a href="mailto:Jules@ecs.soton.ac.uk" class="">Jules@ecs.soton.ac.uk</a>&gt; wrote:</div><div class=""><div bgcolor="#FFFFFF" text="#000000" class=""><br class="">

    <div class="moz-cite-prefix">On 10/07/2015 09:38, Tim Chown wrote:<br class="">

    </div>

    <blockquote cite="mid:5624E04E-DDBA-4599-AA01-0F25014F7108@ecs.soton.ac.uk" type="cite" class="">

      <meta http-equiv="Content-Type" content="text/html;

        charset=windows-1252" class="">

      <div class="">

        <blockquote type="cite" class="">

          <div class="">On 9 Jul 2015, at 16:39, Jules Field &lt;<a moz-do-not-send="true" href="mailto:Jules@ecs.soton.ac.uk" class=""></a><a class="moz-txt-link-abbreviated" href="mailto:Jules@ecs.soton.ac.uk">Jules@ecs.soton.ac.uk</a>&gt; wrote:</div>

          <div class="">

            <blockquote type="cite" class=""><br class="">

            </blockquote>

            smtp.ecs would offer an export-grade cipher, which OS X

            would refuse to use and then not opt to use something

            better. i *think* that's what was happening, none of the

            logs are detailed enough to show it well.<br class="">

            <br class="">

            Now it only offers ciphers which OS X (and everyone else)

            are happy with.<br class="">

          </div>

        </blockquote>

        <div class=""><br class="">

        </div>

        BTW, I wonder if in hindsight this ties in with Apple fixing the

        Logjam issue with its 30th June patch?</div>

      <div class=""><br class="">

      </div>

      <div class=""><a moz-do-not-send="true" href="https://blog.avira.com/logjam-vulnerability-threatens-thousands-of-https-websites-mail-servers/" class="">https://blog.avira.com/logjam-vulnerability-threatens-thousands-of-https-websites-mail-servers/</a></div>

    </blockquote>

    Yes, that sounds exactly right.<br class="">

    <blockquote cite="mid:5624E04E-DDBA-4599-AA01-0F25014F7108@ecs.soton.ac.uk" type="cite" class="">

      <div class=""><br class="">

      </div>

      <div class="">If so, I guess Andy doesn’t need to submit anything.</div>

    </blockquote>

    It is still doing some strange port-swapping negotiation, which

    seems odd. Unless it was because Mail.app was trying port 25 (what

    you had told it to use), failed to negotiate a non-export-grade

    cipher there, and automatically tried 587 as a 2nd attempt, in case

    your port number setting was wrong.<br class="">

    <br class="">

    So it *might* be by design, but still worth raising just so as to

    check the issue<br class="">

    </div></div></blockquote><br class=""></div><div>OK :)</div><div><br class=""></div><div>Tim</div><br class=""></body></html>