Re: Disabling Anonymous Diffie Hellman

2014-05-20 Thread Colin Fowler
ginal config. thanks again, Colin On 20-05-2014 14:25, Viktor Dukhovni wrote: On Tue, May 20, 2014 at 02:11:34PM +0100, Colin Fowler wrote: >Opportunistic TLS is sometimes counter-intuitive, attempting to >make it stronger by removing weaker features actually makes it >

Re: Disabling Anonymous Diffie Hellman

2014-05-20 Thread Colin Fowler
Thank you Viktor for your reply! On 20-05-2014 13:44, Viktor Dukhovni wrote: On Tue, May 20, 2014 at 02:25:49PM +0200, Thomas Leuxner wrote: In any case you miserably failed to elaborate how to mitigate the issue other than stating 'revert the change'. Without defending the tone of that advi

Re: Disabling Anonymous Diffie Hellman

2014-05-20 Thread Colin Fowler
On 20-05-2014 12:16, li...@rhsoft.net wrote:
On 20.05.2014 13:03, Colin Fowler wrote:
ADH is susceptible to MITM attacks, but I can't seem to turn it off. I've tried various permutations of
tls_preempt_cipherlist = yes
tls_high_cipherlist (with !DH and !ADH)
smtpd_tls_mandatory

Disabling Anonymous Diffie Hellman

2014-05-20 Thread Colin Fowler
ADH is susceptible to MITM attacks, but I can't seem to turn it off. I've tried various permutations of
tls_preempt_cipherlist = yes
tls_high_cipherlist (with !DH and !ADH)
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers = high
I'm running 2.9.6 on Debian Wheezy. An