Hi Ken, > I do see that with an update Dovecot 2.1 or later there is a fix that > would allow the servers to pass a PCI scan: > https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle > > That would be nice for those nervous customers.
Yeah, there are some really nice features in the new Dovecot and that makes it really worthwhile to bite into the sour apple and no longer depend on upstream to provide Dovecot for us. Last week I tried to disable SSLv3 with the stock Dovecot on a 5207R and it then simply wouldn't handle any encrypted connections anymore. Not even TLSv1.0 and most definitely not TLSv1.2. So I'll build an updated version once I'm back from my holiday and it'll have SSLv3 disabled. -- With best regards Michael Stauber _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx