10 Apr
2014
10 Apr
'14
4:04 p.m.
Hello,
Our "it-security" department asked me about Qualys warnings like -> SSL/TLS Compression Algorithm Information Leakage Vulnerability
As far as I learned it's compression inside ssl. postfix-2.11 knows 'tls_ssl_options = no_compression' ( see http://www.postfix.org/postconf.5.html#tls_ssl_options )
is the something comparable in dovecot too?
Looks like most extensions in ssl exist only to be disabled :-/
Thanks Andreas