Outlook 2007 and other old mail clients not able to use SSL/TLS connection

Symptoms

Old mail client such as Outlook 2007 is not able to send a mail via SSL/TLS.

/var/log/maillog contains the following error message from Postfix and Courier:

courier-imaps: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
 postfix/smtpd[17918]: warning: TLS library problem: 21146:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

or

postfix/smtpd: warning: TLS library problem: 7346:error:1408F10B:SSL routlines: SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1387

Cause

SSLv3 support was disabled.

Resolution

Update Outlook version.

OR

Connect to the server using SSH and enable backward compatibility with old mail clients:

1. Set TLS_PROTOCOL=SSL23 in /etc/courier-imap/pop3d-ssl and /etc/courier-imap/imapd-ssl .

   Note . SSL23 will enable all SSL/TLS protocols.

2. Edit /etc/postfix/main.cf and set the following:

   smtp_tls_security_level = may
    tls_medium_cipherlist = MEDIUM:!aNULL:!MD5

3. Reload both Postfix and Courier services:

   # service postfix reload && service courier reload