On Wed, Mar 2, 2016 at 5:29 PM, Brandon Long <bl...@google.com> wrote:
> I thought that POODLE required a specific type of fallback that tended to > be browser specific (ie, prevent a tls connection, forcing the browser to > fall back to a ssl3 connection), do any smtp servers actually do that? > Re-negotiation is part of SSL/TLS I believe, so once STARTTLS is initiated, I believe you can create the right conditions to fall back to SSLv3. This tool is cool for finding issues on mail servers https://ssl-tools.net/mailservers
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop