Cyrus IMAP 2.4.18 released
Andrew Morgan
morgan at orst.edu
Tue Jul 7 16:34:47 EDT 2015
On Tue, 7 Jul 2015, Sebastian Hagedorn wrote:
> --On 6. Juli 2015 13:38:16 -0700 Andrew Morgan <morgan at orst.edu> wrote:
>
>> On Mon, 6 Jul 2015, Sebastian Hagedorn wrote:
>>
>>> --On 6. Juli 2015 14:23:11 +1000 ellie timoney <ellie at fastmail.com>
>>> wrote:
>>>
>>>> Please consult the release notes before upgrading to 2.4.18:
>>>>
>>>> https://docs.cyrus.foundation/imap/release-notes/2.4-current.html
>>>
>>> The big one is this: "Disable use of SSLv2/SSLv3"
>>>
>>> When I look at our log files, I see that there are still several hundred
>>> SSLv3 connections per day. I'm worried that not all clients used by our
>>> users support TLSv1. One such client appears to be Outlook 2003. Has
>>> anybody else (especially in education) already turned off SSLv3? What
>>> were your experiences?
>>
>> I had similar concerns when I was making SSLv3 and cipher changes to my
>> LDAP service. I wanted to proactively identify any clients that would be
>> affected so we could fix them in advance.
>>
>> I used tshark to sniff the ciphers for all my incoming connections, but
>> you can also get the TLS version used from the output.
>>
>> I wrote it up in a blog post here:
>>
>>
>> http://blogs.oregonstate.edu/sysadmin/2015/07/01/tracking-ssltls-cipher-u
>> sage/
>
> Thanks for your reply! Our Cyrus server is still running RHEL 5, and its
> tshark binary doesn't yet support the "-2" flag. I see that it's supposed to
> "Perform a two-pass analysis", but I'm unclear on why that is useful or even
> necessary? I removed the flag for my tests, and at first glance it still
> seems to work. FWIW, I had to modify the pattern matching in the Perl script,
> because in our instance there are two tabs before the first IP address.
I copied the basic tshark parameters from someone else. When I run the
capture without -2, the output is slightly different, although it seems to
capture the same basic information.
It appears the parameters -R, -2, and -Y have been changing between
versions. Current versions of tshark have -Y, which applies a display
filter. My version (v1.8.10 on Oracle Linux 6) doesn't have -Y though.
Andy
More information about the Info-cyrus
mailing list