1. First, you made a post on something that wanted no assistance. If you believe you have a real bug, please send to support.
2. Second, please do not announce what does not work unless you know for certain that it does not. Regarding this thread, I am using 8.5.2 with Gmail TLS 64-bit and it works fine.
I have a google account, a ymail account , a gmx account.
Three errors with TLS 1.2.
30.06.2018, 10:25:50: IMAP - Connecting IMAP server imap.gmail.com to port 993 30.06.2018, 10:25:50: IMAP - TLS handshake started ! 30.06.2018, 10:25:50: IMAP - TLS handshake failed. Existing connections have been forced terminated by a remote host
30.06.2018, 10:25:50: IMAP - Connecting IMAP server imap.gmail.com to port 993 30.06.2018, 10:25:50: IMAP - TLS handshake started ! 30.06.2018, 10:25:50: IMAP - TLS handshake failed. Existing connections have been forced terminated by a remote host
Commenting on the 1st reply: 8.5.2 is broken, it does not work with my Office365 account too for example. If an update to an email client breaks a key function even in some cases - it is broken by definition, and this thread's caption is in order. Some of us depend on our emails, updates MUST be tested thoroughly before going public. This is not a beta or a pre-release.
What you're saying is that because it doesn't work for *you* it doesn't work for others. I looked at the beta test logs and Office365 was successfully tested. Obviously, there is some nuance that applies to you, but not necessarily the rest of the world. And there will always be bugs to fix as there are far too many variations of a product as complex as TB! and the world of email to guarantee everything always works. There is a volunteer group to test beta releases and you might consider joining it. Active participation is always welcome there.
This version resolves TLS 1.2 compatibility issues. Connection failures were caused by mail server servers which aborted the connection unless The Bat! sends signature_algorithms ClientHello extension on TLS 1.2. To resolve this incompatibility, The Bat! since version 8.5.4 always sends the signature_algorithms extension during TLS 1.2 handshake.
This version resolves TLS 1.2 compatibility issues. Connection failures were caused by mail server servers which aborted the connection unless The Bat! sends signature_algorithms ClientHello extension on TLS 1.2. To resolve this incompatibility, The Bat! since version 8.5.4 always sends the signature_algorithms extension during TLS 1.2 handshake.
Hello,
It works well with The Bat! 8.5.4 . I have no longer TLS problems. I can now reactivate Kaspersky.
This version resolves TLS 1.2 compatibility issues. Connection failures were caused by mail server servers which aborted the connection unless The Bat! sends signature_algorithms ClientHello extension on TLS 1.2. To resolve this incompatibility, The Bat! since version 8.5.4 always sends the signature_algorithms extension during TLS 1.2 handshake.
Thanks for the update, however I can't still download email from Gmail even with 8.5.4, server still reports TLS error: Handshake failure. According to the log, it started happening with 8.4 on 2018-07-06 around 21:00 UTC.
but server immediately responds with Handshake failure. I'm not running any antivirus besides Windows Defender. Could you please look into it? What other information can I provide for you to debug? Thank you!
UPDATE
When /TLS_VERSION_RANGE:3-3 is removed I can connect just fine. Debugged the issue a bit and the reason Gmail rejects the connection with /TLS_VERSION_RANGE:3-3 is that in that case The Bat advertises cipher suites that Gmail doesn't support, see High-Tech Bridge SSLScan results.
The Bat's advertised cipher suites (16 suites) without /TLS_VERSION_RANGE:3-3:
So The Bat with /TLS_VERSION_RANGE:3-3 advertises only AES-CBC SHA256 ciphersuites, while Gmail uses AES-GCM and ChaCha20-Poly1305 ciphersuites with SHA256.
Pretty please, can we get Gmail's preferred cipher suites in The Bat too and enabled when only TLS 1.2 is requested? Thanks!
Edited: foo bar - 07 July 2018 20:11:47(Debugged the problem, adding ciphersuite lists)