> > On 16/10/14 09:03, Marco Gaiarin wrote: > > > > > > http://security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability > > > > How to disable SSL 3.0 in exim? > > > > Precisely, in debian exim for squeeze (4.72-6+squeeze4) and wheezy (4.80-7)? > > > > > > Seems to me i've to use 'gnutls_require_protocols', but i've not found > > documentation about it... > > tls_require_ciphers = NORMAL:-VERS-SSL3.0
Thanks. I just tried that. 'nmap --script ssl-enum-ciphers -p 465' reports no ciphers are offered -- as with most of my other recipes mnetioned further up this thread. Cheers Tom. -- Tom Crane, Dept. Physics, Royal Holloway, University of London, Egham Hill, Egham, Surrey, TW20 0EX, England. Email: [email protected] Fax: +44 (0) 1784 472794 -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
