13 Mar
2023
13 Mar
'23
3:24 p.m.
Hello, is there any way to disallow client-initiated renegotiation at the dovecot? I haven't found any mention of this feature within source code as well as at the documentation.
I am asking about it because without this feature mail server is vulnerable to a TLS renegotiation DoS attack which can consume a lot of CPU and is harder to combat comparing to a basic TLS connections flood.