On Mon, 9 Jun 2014 10:16:43 +0200, you wrote:
>On Mon, Jun 09, 2014 at 08:39:52AM +0100, John Cox wrote:
>> Hi
>>
>> >>That's not correct no, I get plenty of TLS 1.0 trafic and it has been
>> >>the case for many years
>> >
>> >To parrot this on all of my various instances OpenSMTPD and not I get
yes, but DONT DO THAT unless you know what you're doing.
you have been warned: smtpd is safe by default and provide a SSL_CIPHERS
that has been tested and verified to be safe. changes that seem fine can
effectively break the security and interoperability. unless you know how
openssl/libressl manag
I think at build time you can fine-tune which ciphers you want by editing
ssl.h -- in particular the SSL_CIPHERS define.
--Adam
On Mon, 9 Jun 2014, Gilles Chehade wrote:
> On Mon, Jun 09, 2014 at 08:39:52AM +0100, John Cox wrote:
> > Hi
> >
> > >>That's not correct no, I get plenty of TLS 1.0 t
On Mon, Jun 09, 2014 at 08:39:52AM +0100, John Cox wrote:
> Hi
>
> >>That's not correct no, I get plenty of TLS 1.0 trafic and it has been
> >>the case for many years
> >
> >To parrot this on all of my various instances OpenSMTPD and not I get tons
> >of TLS 1.0 and SSLv3 traffic, I wish I didn't
Hi
>>That's not correct no, I get plenty of TLS 1.0 trafic and it has been
>>the case for many years
>
>To parrot this on all of my various instances OpenSMTPD and not I get tons
>of TLS 1.0 and SSLv3 traffic, I wish I didn't but it still happens. Heck
>every now and again I see SSLv2 attempts whi
Gilles Chehade wrote, On 06/08/14 05:40:
On Sat, Jun 07, 2014 at 03:40:12PM -0700, Clint Pachl wrote:
Is there a way to configure smtpd to only use specified ciphers or limit it
to TLSv1.[12]?
I'm looking for something similar to Dovecot's `ssl_cipher_list` or Nginx's
`ssl_ciphers` or `ssl_prot
>That's not correct no, I get plenty of TLS 1.0 trafic and it has been
>the case for many years
To parrot this on all of my various instances OpenSMTPD and not I get tons
of TLS 1.0 and SSLv3 traffic, I wish I didn't but it still happens. Heck
every now and again I see SSLv2 attempts which for mos
On Sat, Jun 07, 2014 at 03:40:12PM -0700, Clint Pachl wrote:
> Is there a way to configure smtpd to only use specified ciphers or limit it
> to TLSv1.[12]?
>
> I'm looking for something similar to Dovecot's `ssl_cipher_list` or Nginx's
> `ssl_ciphers` or `ssl_protocols` configuration directives.
>
Is there a way to configure smtpd to only use specified ciphers or limit
it to TLSv1.[12]?
I'm looking for something similar to Dovecot's `ssl_cipher_list` or
Nginx's `ssl_ciphers` or `ssl_protocols` configuration directives.
The reason I ask is because I'm very close to failing my PCI compli