IMAP-UW is no longer developed, but it's still in wide use.
It's STARTTLS implementation lacks support for TLSv1.1/TLSv1.2. The TLSv1 is the only supported protocol. Note that native SSL mode (e.g. immediate SSL with no STARTTLS command) use all protocols supported by underlying OpenSSL library, including the SSLv3 (and even SSLv2 if avaiable). Neither STARTTLS nor native mode list of supported ciphers is configurable.
Nowadays, SSLv3 in native mode become unacceptable. And lack of support for TLSv1.2 in STARTTLS cause issues as well.
This patch introduce two c-client.conf options
set ssl-protocols
set ssl-cipher-list
Both options apply to both native and STARTTLS mode of operation.
The first one is the list of allowed protocols. It's the same as Apache's SSLProtocol option. Example (enable all but SSLv2/SSLv3):
set ssl-protocols All -SSLv2 -SSLv3
The second one is the list of ciphers supported. It use 'openssl ciphers' format. Example:
set ssl-cipher-list HIGH:!ADH:!EXPORT56:!aNULL