dovecot on wheezy, best ssl configuration ?
ml at ruggedinbox.com
ml at ruggedinbox.com
Fri Jan 9 07:07:13 UTC 2015
Hi all, when hardening dovecot against the POODLE vulnerability,
we followed the advise to disable SSL2 and SSL3
but this is giving problems with some email clients (claws-mail).
ssl_protocols = !SSLv2 !SSLv3
results in the following error:
dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>,
rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed:
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher,
session=<2C8jBjIMmQBVGNd1>
Our smtp server is postfix, can you please suggest a better
'ssl_protocols' and 'ssl_cipher_list' configuration ?
We are running Debian 7 Wheezy
Thank you,
RuggedInbox team
More information about the dovecot
mailing list