9 Jan
2015
9 Jan
'15
9:07 a.m.
Hi all, when hardening dovecot against the POODLE vulnerability, we followed the advise to disable SSL2 and SSL3 but this is giving problems with some email clients (claws-mail).
ssl_protocols = !SSLv2 !SSLv3
results in the following error:
dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher, session=<2C8jBjIMmQBVGNd1>
Our smtp server is postfix, can you please suggest a better 'ssl_protocols' and 'ssl_cipher_list' configuration ? We are running Debian 7 Wheezy
Thank you, RuggedInbox team