SUMMARY

Two of the IMAP servers I need to use for work use old, insecure TLS versions that are rejected by the default OpenSSL configuration on Ubuntu 20.04. This is a good thing and I would like to keep the configuration as it is as much as possible.

QSslSocket emits errorOccurred(QAbstractSocket::SslHandshakeFailedError) and immediately closes the socket. The sslErrors() list is not populated.

Upon encountering this, the IMAP resource simply tries to connect again -- endlessly it seems. It should instead provide a hint that there was an SSL error.

See https://askubuntu.com/a/1233456 for a discussion of the OpenSSL configuration issue in Debian/Ubuntu.

STEPS TO REPRODUCE

1. Find a super outdated IMAP server.
2. Configure KMail to connect to it.

OBSERVED RESULT

The resource appears connected but the account doesn't appear in KMail. In fact, it can open a socket but initiating encryption fails. New connections are attempted in a busy loop, which can potentially trigger a temporary ban.

EXPECTED RESULT

The resource reports a failure and doesn't attempt to connect more than N times.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: KDE Neon based on Ubuntu 20.04.
(available in About System)
KDE Plasma Version: 5.21.3
KDE Frameworks Version: 5.80.0
Qt Version: 5.12.2