FREAK/Logjam, and SSL protocols to use

Ron Leach ronleach at
Tue May 26 14:37:39 UTC 2015

List, good afternoon,

I was reading up on a TLS Diffie Hellman protocol weakness described here

which is similar to the earlier FREAK attack, and can result in 
downgrade of cipher suites.

Part of the solution workaround that the researchers describe for 
Dovecot here

includes altering DH parameters length to 2048, and re-specifying the 
allowable cipher suites - they give their suggestion.

But the researchers make no comment on the allowable protocols that, 
in Dovecot, are controlled in 10-ssl.conf in the stanza headed

# SSL protocols to use
#ssl_protocols = !SSLv2

I couldn't find any advice on up-to-date SSL/TLS protocol settings in 
the Dovecot wiki, either (I looked in ).

At the moment our installation is using only the default settings for 
allowed protocols; I'm not sure what those defaults might be, but our 
10-ssl.conf may only be disallowing SSLv2, if the 'example' entry is 
the default.  We're running 2.2.15, and are due to upgrade to 2.2.18 
shortly; quite possibly the defaults differ in a more recent release.

What SSL protocols do folk on the list recommend should be allowed in 
Dovecot these days?  (Actually, I mean which protocols really 'must' 
be disallowed?)

regards, Ron

More information about the dovecot mailing list