Reindl Harald:

that attacks are not relevant for email because they
rely on the way a webbrowser works which is not the
case for a mail client - you can't trigger XSS and
Ajax in a MUA

sure, that may be right, but

We manage numerous public available services. And every time we go through our
Qualys reports I have to explain this message from Qualys as not relevant/harmless/cannot change.
It takes time to describe this fact again and again to our it-security people.

And there are many other people in the same situation like me...
That's my main intention to ask how to disable ssl compression in dovecot.

Andreas

Reply via email to