OK, I hate to be so stupid, but I need some help and can't seem to locate anyone knowledgeable so far:
In 10-ssl.conf I added: ssl_protocols = !SSLv2 !SSLv3 (to no avail so i think I am not patched) Would appreciate some helpful comments / guidance please... I did a fresh install of 12.04.5 on another machine, thinking that there had been a patch for dovecot, but I am still getting this error, so I assume it is not patched in 12.04.5 ? Or how do I get the patch installed? This accepts the login: `openssl s_client -connect localhost:993 -ssl3` This gives an error: `openssl s_client -connect localhost:465 -ssl3` "139852816377504:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:59" This too gives an error: `openssl s_client -connect localhost:25 -ssl3` "140205816501920:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339" So if I go to a poodle website and check, they return OK for Poodle EXCEPT for 993 port, do you know what I am doing wrong? BTW, these are the exact results from my long running 12.04.4 ubuntu, and we need to stay on 12.04 for now. Throw me a bone, please - give me some detailed instructions of how I can fix this, thank you. My goal is to have port 25, 587, 465, 993, etc all !SSLv3 compliant. Thank you -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dovecot in Ubuntu. https://bugs.launchpad.net/bugs/1381537 Title: Dovecot version in precise too old to switch off SSLv3 protocol for "poodle" fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1381537/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
