Hi,I AM using Webuzo panel who is running Exim 4.72 who seems to be vulnerable
to POODLE attack and SSL 3.
I cannot update Exim from SSH because will be incompatibile with the panel so I
must wait a fix from the panel Staff who are taking very long time and have
issue on integrating Exim.
In my exim.confI have
tls_require_ciphers = HIGH:MEDIUM:+TLSv1.2:!SSLv2
if I add :!SSLv3
save and restart outgoing email from Thunderbord and smartphone not work.If I
remove the :!SSLv3 final works but there are vulnerability.
If just disable SSlv3 this is ignored as seems in Exim 4.72 I can't disable SSL
3.
In the time I wait a fix from softaculouscan I do something to fix the issue of
SSL 3 and POODLE attack?
I AM on CentOs
Thanks.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
