Am 15.10.2014 um 22:44 schrieb A. Schulze: > > Viktor Dukhovni: > >> POODLE is not an SMTP attack. No need to panic. Disabling SSL >> 3.0 may feel good, but the net effect is slightly negative, since >> you'll now use cleartext with SSLv3-only SMTP peers. > > to calculate the damage, count: > > < inbound > > # grep 'TLS connection established from' /var/log/mail | sed -e > 's/^.*\]\: //' -e 's/ with cipher.*//' | sort | uniq -c
> > < outbound > > # grep 'TLS connection established to' /var/log/mail | sed -e > 's/^.*\]:25\: //' -e 's/ with cipher.*//' | sort | uniq -c > > Andreas > doesnt look loosing much here 4 SSLv3 22353 TLSv1 2 SSLv3 17664 TLSv1 Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
