[rhelv6-list] SSLv3 and dovecot
Leon Fauster
leonfauster at googlemail.com
Tue Oct 21 14:37:20 UTC 2014
Am 21.10.2014 um 15:53 schrieb Cale Fairchild <cfairchild at brocku.ca>:
> From what I have read, the version of dovecot distributed in RedHat 6 does not allow SSLv3 to be disabled through the configuration file but rather must be patched in the source. Has anyone heard anything about a release with that patch applied?
>
> I am afraid with an educational site license I can not submit tickets, just Bugzilla reports which I do not believe will allow me to inquire the time frame of a fix. So I was hoping someone on this list with a support contract may have already inquired.
I do not run dovecot but have you tried to disable SSLv3 via "ssl_cipher_list"
parameter? A valid argument could be 'ALL:!SSLv2:!SSLv3' ...
--
LF
More information about the rhelv6-list
mailing list