Hi Sam,
the right way to test is:
openssl s_client -connect MXIP:25 -starttls smtp
and with my ciphers list works fine, but only apparently, in fact
disable SSLv3 with !SSLv3 also disable TLSv1.0 and TLSv1.1, so only
TLSv1.2 is available.
With this configuiration SMTP servers that support
I think you can test it by using the openssl client from the command line:
openssl s_client -ssl3 -connect SERVERNAME:PORT
If it connects and you see Protocol: SSLv3, it's not disabled. If you see
sslv3 alert handshake failure and it doesn't connect, you're done!
-- Sam Clippinger
