Hi all,
Wondering how I need to disable SSLv3 on Dovecot. This is to mitigate the POODLE vulnerability. I tried to search for it but don't get anythingfreebsd FreeBSD-specific. I tried to apply the RedHat instructions but that failed (https://access.redhat.com/solutions/120383).
Seems like
is the way to go. With !SSLv3 I get a configuration error. Do I need to explicitly enable TLS for that to work?
I used something like this
I don't get an error now. However when I try with
Note that I'm using Dovecot 1.x. Should I migrate to Dovecot 2?
Thanks in advance!
Wondering how I need to disable SSLv3 on Dovecot. This is to mitigate the POODLE vulnerability. I tried to search for it but don't get anything
Seems like
Code:
ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
I used something like this
Code:
ssl_cipher_list = ALL:+TLSv1:!LOW:!SSLv2:!SSLv3
openssl s_client -connect host:port
I don't get an SSL session anymore (while I do get a TCP connection). I did got a session when this line wasn't in the configuration.Note that I'm using Dovecot 1.x. Should I migrate to Dovecot 2?
Thanks in advance!