Shehab Kazi writes:
Hi!"openssl ciphers" lists DES-CBC-MD5 as a supported cipher method for me so I fail to understand Courier not accepting such connections.(On a side note, is it that none of the SSLv2 ciphers work for you?)Given that TLS_CIPHER_LIST is not disallowing SSLv2 ciphers (as in my case) why doesn't Courier accept such connections?
Courier neither accepts, nor doesn't accept, anything. Courier passes along the selected configuration to OpenSSL, which implements cipher negotiation.
TLS_CIPHER_LIST="ALL:!ADH:@STRENGTH" should allow ALL cipher methods except anonymous DH cipher suites and eNULL.Also if I try to disable SSLv3 ciphers in TLS_CIPHER_LIST, Courier still accepts such connections! I've read that TLS_CIPHER_LIST is passed verbatim to OpenSSL, so in my
Correct.
case why are the changes I make in TLS_CIPHER_LIST not reflected?? The TLS_CIPHER_LIST is being completely ignored!
It is not being ignored for me. I also recall that you're running ancient versions of both OpenSSL and Courier-IMAP, so you should really update to the current versions, in any case.
pgpAujdeuHiZk.pgp
Description: PGP signature
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
