Hi Eric, Thanks for the tip, we expect the update.
Best regards, Nikolay On Thu, Oct 16, 2014 at 11:05 PM, Peter Peltonen <[email protected]> wrote: > Hi, > > On Thu, Oct 16, 2014 at 1:51 AM, Eric Shubert <[email protected]> wrote: > > > In order to disable SSLv3, you need to change your cyphers list in > > /etc/dovecot/toaster.conf file for dovecot, and > > /var/qmail/control/tlsserverciphers for qmail-smtpd. > > > > If you turn off SSLv3, that includes TLS, so you'd better turn off plain > and > > login authentication methods as well. Looks like digest-md5 or cram-md5 > > would be the only non-plain-text authentication methods available. I > imagine > > Dan's loving that. ;) > > Regarding this StackExchange information: > > > http://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites > > there is no need to disable ciphers, but only SSL v3 protocol (POODLE > is a protocol, not cipher, problem)? > > Here you can find software specific instructions for disabling SSL v3, > including Dovecot: > > > https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle > > I haven't tried these yet as it seems I need to upgrade my Dovecot > installations first to be able to disable sslv3... > > Best, > Peter > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
