On Wed, Mar 2, 2016 at 5:29 PM, Brandon Long <bl...@google.com> wrote:

> I thought that POODLE required a specific type of fallback that tended to
> be browser specific (ie, prevent a tls connection, forcing the browser to
> fall back to a ssl3 connection), do any smtp servers actually do that?
>

Re-negotiation is part of SSL/TLS I believe, so once STARTTLS is initiated,
I believe you can create the right conditions to fall back to SSLv3.

This tool is cool for finding issues on mail servers
https://ssl-tools.net/mailservers
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to