10 Sep
2013
10 Sep
'13
2:09 a.m.
Am 09.09.2013 22:56, schrieb Darren Pilgrim:
I'm running Dovecot 2.2.5 and want to make it refuse SSLv2, SSLv3 and TLSv1.0. Clients will opportunistically use TLS 1.1 and 1.2, but now I want require they do so. Is it enough to set
ssl_cipher_list = HIGH:!SSLv2:!SSLv3:!TLSv1.0:!aNULL:!MD5 or are there additional settings I need to specify?
and what clients do you imagine to connect?
on most widely used distributions you even have no openssl version supporting TLS 1.2 and so you lock them all out