Hi Eric,

Thanks for the tip, we expect the update.

Best regards,
Nikolay

On Thu, Oct 16, 2014 at 11:05 PM, Peter Peltonen <[email protected]>
wrote:

> Hi,
>
> On Thu, Oct 16, 2014 at 1:51 AM, Eric Shubert <[email protected]> wrote:
>
> > In order to disable SSLv3, you need to change your cyphers list in
> > /etc/dovecot/toaster.conf file for dovecot, and
> > /var/qmail/control/tlsserverciphers for qmail-smtpd.
> >
> > If you turn off SSLv3, that includes TLS, so you'd better turn off plain
> and
> > login authentication methods as well. Looks like digest-md5 or cram-md5
> > would be the only non-plain-text authentication methods available. I
> imagine
> > Dan's loving that. ;)
>
> Regarding this StackExchange information:
>
>
> http://security.stackexchange.com/questions/70832/why-doesnt-the-tls-protocol-work-without-the-sslv3-ciphersuites
>
> there is no need to disable ciphers, but only SSL v3 protocol (POODLE
> is a protocol, not cipher, problem)?
>
> Here you can find software specific instructions for disabling SSL v3,
> including Dovecot:
>
>
> https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
>
> I haven't tried these yet as it seems I need to upgrade my Dovecot
> installations first to be able to disable sslv3...
>
> Best,
> Peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>

Reply via email to