dovecot on wheezy, best ssl configuration ?
Charles Marcus
CMarcus at Media-Brokers.com
Fri Jan 9 07:38:18 UTC 2015
doveconf -n output?
On 1/9/2015 2:07 AM, ml at ruggedinbox.com <ml at ruggedinbox.com> wrote:
> Hi all, when hardening dovecot against the POODLE vulnerability,
> we followed the advise to disable SSL2 and SSL3
> but this is giving problems with some email clients (claws-mail).
>
> ssl_protocols = !SSLv2 !SSLv3
>
> results in the following error:
>
> dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>,
> rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed:
> error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher,
> session=<2C8jBjIMmQBVGNd1>
>
> Our smtp server is postfix, can you please suggest a better
> 'ssl_protocols' and 'ssl_cipher_list' configuration ?
> We are running Debian 7 Wheezy
>
> Thank you,
> RuggedInbox team
>
More information about the dovecot
mailing list