Cyrus IMAP 2.4.18 released
morgan at orst.edu
Mon Jul 6 16:38:16 EDT 2015
On Mon, 6 Jul 2015, Sebastian Hagedorn wrote:
> --On 6. Juli 2015 14:23:11 +1000 ellie timoney <ellie at fastmail.com> wrote:
>> Please consult the release notes before upgrading to 2.4.18:
> The big one is this: "Disable use of SSLv2/SSLv3"
> When I look at our log files, I see that there are still several hundred
> SSLv3 connections per day. I'm worried that not all clients used by our users
> support TLSv1. One such client appears to be Outlook 2003. Has anybody else
> (especially in education) already turned off SSLv3? What were your
I had similar concerns when I was making SSLv3 and cipher changes to my
LDAP service. I wanted to proactively identify any clients that would be
affected so we could fix them in advance.
I used tshark to sniff the ciphers for all my incoming connections, but
you can also get the TLS version used from the output.
I wrote it up in a blog post here:
NOTE: This does not require access to your private key because there is no
decryption of data.
More information about the Info-cyrus