Hi Jack: Am 21.07.16 23:58 schrieb(en) Jack:
Is there any (reasonably easy) way to determine which version is actually being used? I've tried balsa -d with debug checked in the config page, but don't see anything useful. In the popfile log, I see "pop3: 529: Attempting to connect to SSL server at pop.gmail.com:995" but a few lines later I see "auth plaintext". I suppose next I'll start digging into the ssl config itself to see what logging it does. I really don't want to have to resort to setting up wireshark, but I suppose it's an option to be certain.
Wireshark is actually the most easy way: - choose the proper interface - set "tcp.port == 995 && ssl.handshake" as filter In the dump, the "Protocol" column will show the protocol version being used (TLSv1 or TLSv1.1 or TLSv1.2 - only the latter should be used). You may want to look into the packet details to see the negotiated cipher, etc. Note that even if Balsa offers (in the client hello negotiation phase) TLSv1.2, the server may force the connection to use TLSv1. The "auth plaintext" operation is absolutely safe if it is performed over an encrypted connection. Hth, Albrecht.
Attachment:
pgpUGmWPwNht9.pgp
Description: PGP signature