On Wed, Apr 9, 2014 at 7:01 PM, Viktor Dukhovni <postfix-us...@dukhovni.org>wrote:
> > - Upgrade to 1.0.1g ASAP if running 1.0.1--1.0.1f, and/or re-compile > OpenSSL with -DOPENSSL_NO_HEARTBEATS > > - Replace server TLS private keys and certificates. > > - Consider asking users to change SASL PLAIN/LOGIN auth passwords. > > - Change all GSSAPI server keys *and* after any extant tickets expire, > purge the old keys from the keytab file. > > > Thanks for this. Since many touch their email servers far less than their postfix configs, is there a list of files we absolutely have to check for SSL issues? As most of the internet is currently running around with their heads cut off, calm lists are a big help. Thanks!
