On Sat, Oct 26, 2024 at 01:14:17PM -0400, Walter Dnes wrote > My personal domain inbound email is directed to COTSE.net. I pull > with fetchmail. After yesterday's world update, fetchmail has been > failing with the error message in the subject. I can still access my > incoming email via webmail mode (BLEAGH!!!). I've set my gmail address > to forward directly to my ISP inbox, avoiding this problem.
*I'M BACK!* It may have been a co-incidence that I ran into the problem right after an @world update https://www.cotse.net/notices.html > Oct 28 - During a recent deployment for some configuration changes, an > incorrect version of a dovecot configuration file was deployed. This > resulted in a weak Diffie-Hellmann parameter (1024 instead of 2048) > to be used in our imaps and pops protocols, as well as some weaker > ciphers to be available. We were notified by one of our subscribers > and it has been corrected. We do not see evidence of any of our > subscriber's email clients having selected a weaker cipher during > this time, which could be an indication of a MITM attack on that > subscriber. This did not affect webmail users. -- There are 2 types of people in this world 1) Those who can extrapolate from incomplete data
