[Dovecot] Heartbleed openssl vulnerability?

Robert Schetterer rs at sys4.de
Wed Apr 9 20:36:35 UTC 2014


Am 09.04.2014 20:13, schrieb Charles Marcus:
> On 4/9/2014 1:03 PM, Robert Schetterer <rs at sys4.de> wrote:
>> Am 09.04.2014 18:42, schrieb Charles Marcus:
>>> >What are the ramifications of changing this on a production server? Any
>>> >possible problems/gotchas? user impact?
>> in my understanding change ssl key and crts , do all needed ssl updates
>> keep performance mode, if unsure change all passwords too
> 
> ???
> 
> I was asking about the ramifications of switching from high performance
> mode to high security mode.
> 
> Not the ramifications of the security compromise.
> 

i switched to performance mode when pop3 logins rised up to more then
1000 per minute, i did not see any significant rise or low of ram
switching between modes, but i have no data for massive imap logins,
dovecot in general is not very memory hungry, for exact compare data you
might wait for Timo to answer, or do some measure by yourself


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein


More information about the dovecot mailing list