Cyrus IMAP 2.4.18 released

Sebastian Hagedorn Hagedorn at
Tue Jul 7 08:42:14 EDT 2015

--On 6. Juli 2015 13:38:16 -0700 Andrew Morgan <morgan at> wrote:

> On Mon, 6 Jul 2015, Sebastian Hagedorn wrote:
>> --On 6. Juli 2015 14:23:11 +1000 ellie timoney <ellie at>
>> wrote:
>>> Please consult the release notes before upgrading to 2.4.18:
>> The big one is this: "Disable use of SSLv2/SSLv3"
>> When I look at our log files, I see that there are still several hundred
>> SSLv3 connections per day. I'm worried that not all clients used by our
>> users  support TLSv1. One such client appears to be Outlook 2003. Has
>> anybody else  (especially in education) already turned off SSLv3? What
>> were your  experiences?
> I had similar concerns when I was making SSLv3 and cipher changes to my
> LDAP service.  I wanted to proactively identify any clients that would be
> affected so we could fix them in advance.
> I used tshark to sniff the ciphers for all my incoming connections, but
> you can also get the TLS version used from the output.
> I wrote it up in a blog post here:
> sage/

Thanks for your reply! Our Cyrus server is still running RHEL 5, and its 
tshark binary doesn't yet support the "-2" flag. I see that it's supposed 
to "Perform a two-pass analysis", but I'm unclear on why that is useful or 
even necessary? I removed the flag for my tests, and at first glance it 
still seems to work. FWIW, I had to modify the pattern matching in the Perl 
script, because in our instance there are two tabs before the first IP 

    .:.Sebastian Hagedorn - Weyertal 121 (Gebäude 133), Zimmer 2.02.:.
                 .:.Regionales Rechenzentrum (RRZK).:.
   .:.Universität zu Köln / Cologne University - ✆ +49-221-470-89578.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pkcs7-signature
Size: 5313 bytes
Desc: not available
Url : 

More information about the Info-cyrus mailing list