I dont know if its an option, but i suggest have a look here : multiple packages for postfix on centos 6 http://pkgs.org/search/postfix?type=name or https://solusipse.net/blog/posts/compiling-postfix-with-postgresql-support-on-centos-7/ Not for the postgresql, but just for the upgrade of postfix. Greetz, Louis
Van: Abid Hussain [mailto:abid.hussai...@gmail.com] Verzonden: dinsdag 18 augustus 2015 10:43 Aan: L.P.H. van Belle Onderwerp: Re: FW: SSL Renegotiation Attack "Disabling reneotiation" Thanks for prompt reply i am using CentOS 6.5. Yes i do not have an option to upgrade it :(. I want to stop it for DoS attack as my testing team has reported it. falling back to ssl V2 adds many other vulnerabilities :( Thanks and Regards, Abid On Tue, Aug 18, 2015 at 1:36 PM, L.P.H. van Belle <be...@bazuin.nl> wrote: Hai, As far as i know, no. Unless you are forceing all clients to use SSLv2 only (since that doesn't support renegotiation). Are you sure you want to disable it and not just prevent old clients from using the vulnerable renegotiation methods? If it's the last you'll need to upgrade to 2.8+ to get access to tls_disable_workarounds. you have 2 problems. - One is the vulnerable methods - the other is renegotiation is considered a denial of service vulnerability.. You really dont have any option to upgrade.. Whats the os your running? Greetz, Louis >-----Oorspronkelijk bericht----- >Van: abid.hussai...@gmail.com >[mailto:owner- ] Namens Abid Hussain >Verzonden: dinsdag 18 augustus 2015 10:29 >Aan: postfix-users@postfix.org >Onderwerp: SSL Renegotiation Attack "Disabling reneotiation" > >Dear All, > >I am using postfix 2.6 and currently cannot upgrade it. kindly >advise how >renegotiation can be disabled completely. Probably a command in >configuration file. > > >regards, >Abid > > > >-- >View this message in context: >http://postfix.1071664.n5.nabble.com/SSL-Renegotiation-Attack-D >isabling-reneotiation-tp78708.html >Sent from the Postfix Users mailing list archive at Nabble.com. > >
