24 Apr
2014
24 Apr
'14
1:15 a.m.
Am 23.04.2014 23:52, schrieb Andreas Schulze:
Reindl Harald:
that attacks are not relevant for email because they rely on the way a webbrowser works which is not the case for a mail client - you can't trigger XSS and Ajax in a MUA
sure, that may be right, but
We manage numerous public available services. And every time we go through our Qualys reports
https://www.ssllabs.com/ssltest/ just don't alow anything other than https and port 443 - what reports are you speaking about?
I have to explain this message from Qualys as not relevant/harmless/cannot change
so what - which fools are allowed to audit you while have no clue what they are talking about?