Re: [exim] POODLE...

Top Page
Delete this message
Reply to this message
Author: TPCexim
Date:  
To: exim-users
CC: TPCexim, jgh
Subject: Re: [exim] POODLE...
>
> On 16/10/14 09:03, Marco Gaiarin wrote:
> >
> >     http://security.stackexchange.com/questions/70719/ssl3-poodle-vulnerability

> >
> > How to disable SSL 3.0 in exim?
> >
> > Precisely, in debian exim for squeeze (4.72-6+squeeze4) and wheezy (4.80-7)?
> >
> >
> > Seems to me i've to use 'gnutls_require_protocols', but i've not found
> > documentation about it...
>
> tls_require_ciphers = NORMAL:-VERS-SSL3.0


Thanks. I just tried that. 'nmap --script ssl-enum-ciphers -p 465' reports no ciphers are offered -- as with most of my other recipes mnetioned further up this thread.

Cheers
Tom.

-- 
Tom Crane, Dept. Physics, Royal Holloway, University of London, Egham Hill,
Egham, Surrey, TW20 0EX, England. 
Email:  T.Crane@???
Fax:    +44 (0) 1784 472794