Re: [PATCH]: SSL options to disable SSLv2

From: Christian von Roques (no email)
Date: Thu Sep 08 2005 - 17:27:59 EDT

  • Next message: Noel Jones: "Re: smtpd_client_restrictions"

    David Hill <> writes:
    > My tally is:
    > 150188 TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    > 38037 TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
    > 4027 SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    > 691 TLSv1 with cipher RC4-SHA (128/128 bits)
    > 483 TLSv1 with cipher AES256-SHA (256/256 bits)
    > 372 TLSv1 with cipher RC4-MD5 (128/128 bits)
    > 309 SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
    > 108 TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
    > 89 SSLv3 with cipher DES-CBC3-SHA (168/168 bits)
    > 10 SSLv3 with cipher RC4-MD5 (128/128 bits)
    > 5 SSLv3 with cipher RC4-SHA (128/128 bits)
    > 1 SSLv2 with cipher DES-CBC3-MD5 (168/168 bits)
            ^^^^^

    Can you please try to find out what software actually negotiated a
    SSLv2 connection? All SSLv2 connections in our maillogs were
    caused by me running "openssl s_client -ssl2 -starttls smtp".

            Christian.


  • Next message: Noel Jones: "Re: smtpd_client_restrictions"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD