On Wed, Oct 15, 2014 at 11:06:14PM +0200, Robert Schetterer wrote:

> > Viktor Dukhovni:
> >
> >> POODLE is not an SMTP attack. No need to panic. Disabling SSL
> >> 3.0 may feel good, but the net effect is slightly negative, since
> >> you'll now use cleartext with SSLv3-only SMTP peers.
> >
> > to calculate the damage, count:
> >
> > < inbound >
> > # grep 'TLS connection established from' /var/log/mail | sed -e 's/^.*\]\: //' -e 's/ with cipher.*//' | sort | uniq -c
> >
> > < outbound >
> > # grep 'TLS connection established to' /var/log/mail | sed -e 's/^.*\]:25\: //' -e 's/ with cipher.*//' | sort | uniq -c
> >
> > Andreas
>
> doesn't look like losing much here
>
>       4 SSLv3
>   22353 TLSv1
>
>       2 SSLv3
>   17664 TLSv1

Yep, "slightly negative". The magnitude of the effect will vary
from site to site.

-- 
Viktor.
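
An extended form of the count quoted above, as an added example that is not part of the original thread: besides tallying protocol versions per direction, it lists which peers negotiated SSLv3, since those are the sessions that would drop to cleartext once SSLv3 is disabled. It assumes the Postfix "TLS connection established from/to" log format that the quoted sed expressions target; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample log lines (documentation hostnames and addresses).
sample_log() {
cat <<'EOF'
Oct 15 10:00:01 mx postfix/smtpd[1201]: connect from mail.example.org[192.0.2.10]
Oct 15 10:00:01 mx postfix/smtpd[1201]: Anonymous TLS connection established from mail.example.org[192.0.2.10]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Oct 15 10:05:12 mx postfix/smtpd[1207]: Anonymous TLS connection established from mail.example.org[192.0.2.10]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Oct 15 10:07:40 mx postfix/smtpd[1210]: Anonymous TLS connection established from legacy.example.net[198.51.100.7]: SSLv3 with cipher RC4-SHA (128/128 bits)
Oct 15 10:09:03 mx postfix/smtp[1300]: Untrusted TLS connection established to mx.example.com[203.0.113.25]:25: TLSv1 with cipher AES256-SHA (256/256 bits)
Oct 15 10:11:30 mx postfix/smtp[1302]: Untrusted TLS connection established to old-mx.example.net[198.51.100.9]:25: SSLv3 with cipher RC4-SHA (128/128 bits)
Oct 15 10:14:55 mx postfix/smtp[1305]: Untrusted TLS connection established to old-mx.example.net[198.51.100.9]:25: SSLv3 with cipher RC4-SHA (128/128 bits)
EOF
}

# Read a mail log on stdin; print "direction protocol peer" per TLS session.
tls_sessions() {
    awk '
    / TLS connection established (from|to) / {
        dir = ($0 ~ / established from /) ? "inbound" : "outbound"
        line = $0
        sub(/^.* established (from|to) /, "", line)  # host[addr]:port: PROTO ...
        i = index(line, "]")
        peer = substr(line, 1, i)                    # host[addr]
        rest = substr(line, i + 1)
        sub(/^(:[0-9]+)?: /, "", rest)               # drop optional ":25" and ": "
        sub(/ with cipher.*$/, "", rest)             # keep only the protocol name
        print dir, rest, peer
    }'
}

# Sessions per direction and protocol, e.g. "inbound SSLv3 1".
tls_tally() {
    tls_sessions | awk '{ n[$1 " " $2]++ } END { for (k in n) print k, n[k] }' | sort
}

# Unique peers that negotiated SSLv3: the candidates for cleartext
# fallback if SSLv3 is disabled on this host.
sslv3_peers() {
    tls_sessions | awk '$2 == "SSLv3" { print $1, $3 }' | sort -u
}

# Demo on the constructed sample; on a real host: tls_tally < /var/log/mail
sample_log | tls_tally
sample_log | sslv3_peers
```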