Re: [exim] Problem disabling SSLv3 ciphers on Exim 4.72 to d…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Frank Elsner
Date:  
À: exim-users
CC: Phil Pennock, TPCexim
Sujet: Re: [exim] Problem disabling SSLv3 ciphers on Exim 4.72 to deal with Poodle vunerability (CVE-2014-3566)
On Mon, 20 Oct 2014 19:31:21 +0000 Phil Pennock wrote:
> On 2014-10-16 at 17:49 +0100, TPCexim@??? wrote:
> >     I have been going round and round in circles trying to do this :-{. I have tried lots of different incantations using tls_require_ciphers but without success.  
> > My exim which came ready built in an RPM is linked with OpenSSL rather than GnuTLS. I am using 'nmap --script ssl-enum-ciphers -p 465' to see what ciphers are offered.

>
> The instructions are in:
>
> https://lists.exim.org/lurker/message/20141017.093614.e5c38176.en.html
>
> Note: you are using OpenSSL, so the `openssl_options` Exim option is the
> one which you need to set. OpenSSL does not permit using a cipherspec


Sorry, but I can't find 'openssl_options` in the doc for exim-4.72.
                                                                ^^
NewStuff introduces this option for version 4.73.



Kind regards, Frank Elsner