On 16/10/14 09:03, Marco Gaiarin wrote: > > > http://security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability > > How to disable SSL 3.0 in exim? > > Precisely, in debian exim for squeeze (4.72-6+squeeze4) and wheezy (4.80-7)? > > > Seems to me i've to use 'gnutls_require_protocols', but i've not found > documentation about it...
tls_require_ciphers = NORMAL:-VERS-SSL3.0 However, be aware you may no longer talk TLS at all to some sites thus *increasing* your data's exposure. Suggest you trawl your logs for occurences of "X=SSL" to see if it's anyone you care about. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
