On 15 Oct 2014, at 11:08 , Mike Cardwell <post...@lists.grepular.com> wrote: > I'd be interested to hear figures regarding how much traffic would > change from being encrypted to plain text if SSLv3 was dropped for > SMTP...
Well, my server has it enabled and it's used. I don't think there's a problem with it for smtpd. This is what my home connection to my server looks like: submit-tls/smtpd[10060]: xx.xx.xx.xx: reloaded session EB75...&s=submission&l=268439711 from smtpd cache submit-tls/smtpd[10060]: SSL_accept:SSLv3 read client hello A submit-tls/smtpd[10060]: SSL_accept:SSLv3 write server hello A submit-tls/smtpd[10060]: SSL_accept:SSLv3 write change cipher spec A submit-tls/smtpd[10060]: SSL_accept:SSLv3 write finished A submit-tls/smtpd[10060]: SSL_accept:SSLv3 flush data submit-tls/smtpd[10060]: SSL_accept:SSLv3 read finished A submit-tls/smtpd[10060]: xx.xx.xx.xx: Reusing old session submit-tls/smtpd[10060]: Anonymous TLS connection established from xx.xx.xx.xx: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits) submit-tls/smtpd[10060]: BB44E50D490: client=xx.xx.xx.xx, sasl_method=PLAIN, sasl_username=kreme Is there any sort of vector against smtpd? -- Suddenly the animals look shiny and new
