Client-initiated secure renegotiation

djk djk at tobit.co.uk
Wed Mar 9 12:14:47 UTC 2016


On 09/03/16 10:44, Florent B wrote:
> Hi,
>
> I don't see any SSL configuration option in Dovecot to disable
> "Client-initiated secure renegotiation".
>
> It is advised to disable it as it can cause DDoS (CVE-2011-1473).
>
> Is it possible to have this possibility through an SSL option or other ?
>
> Thank you.
>
> Florent
ssl_protocols = !SSLv3 !SSLv2

Is that enough?


More information about the dovecot mailing list