KImap makes the assumption that TLSv1 is equal to STARTTLS https://github.com/KDE/kimap/blob/35464c7fd3858d70c8ac0558ecece216e3a95398/src/loginjob.cpp#L254 This is incorrect as STARTTLS is independent from the protocol version used for cryptography. In turn it is not possible to use newer TLS version such as v1.1 or v1.2. Also it is not possible to use TLS 1.0 on ports without STARTTLS. A workaround at the moment is to enable imaps (imap without STARTTLS) on a different port to allow modern TLS version.
Ksmtp suffers from the same bug. However there is no bugtracker category for Ksmtp yet. I wrote a longer explanation for Ksmtp here: https://github.com/KDE/ksmtp/commit/e83911f9d1963b5e7181932960f999f331b4a5f9#r29145231
ksmtp has now its own ticket: https://bugs.kde.org/show_bug.cgi?id=394770
Git commit b6c4ee82160da39ad7cff4c54360912f393aabd2 by Daniel Vrátil. Committed on 03/06/2018 at 17:43. Pushed by dvratil into branch 'Applications/18.04'. Fix TLS vs STARTTLS handling Allow only choosing between no encryption, SSL/TLS or STARTTLS and let KTcpSocket negotiate the best encryption protocol with the server. FIXED-IN: 5.8.2 M +22 -48 src/loginjob.cpp M +10 -5 src/loginjob.h M +1 -4 src/session.cpp https://commits.kde.org/kimap/b6c4ee82160da39ad7cff4c54360912f393aabd2
Thanks a lot!
Hello. I just applied the patch at https://commits.kde.org/kimap/b6c4ee82160da39ad7cff4c54360912f393aabd2 to kimap-17.12.3. The account can't connect any more. When I restart akonadi it says in the console: org.kde.pim.kimap: STARTTLS not supported by server!