Cyrus IMAP 2.4.18 released
Andrew Morgan
morgan at orst.edu
Mon Jul 6 16:38:16 EDT 2015
On Mon, 6 Jul 2015, Sebastian Hagedorn wrote:
> --On 6. Juli 2015 14:23:11 +1000 ellie timoney <ellie at fastmail.com> wrote:
>
>> Please consult the release notes before upgrading to 2.4.18:
>>
>> https://docs.cyrus.foundation/imap/release-notes/2.4-current.html
>
> The big one is this: "Disable use of SSLv2/SSLv3"
>
> When I look at our log files, I see that there are still several hundred
> SSLv3 connections per day. I'm worried that not all clients used by our users
> support TLSv1. One such client appears to be Outlook 2003. Has anybody else
> (especially in education) already turned off SSLv3? What were your
> experiences?
I had similar concerns when I was making SSLv3 and cipher changes to my
LDAP service. I wanted to proactively identify any clients that would be
affected so we could fix them in advance.
I used tshark to sniff the ciphers for all my incoming connections, but
you can also get the TLS version used from the output.
I wrote it up in a blog post here:
http://blogs.oregonstate.edu/sysadmin/2015/07/01/tracking-ssltls-cipher-usage/
NOTE: This does not require access to your private key because there is no
decryption of data.
Andy
More information about the Info-cyrus
mailing list