The specific POODLE attack is only an example that applies to web-connections, referencing it is therefore misleading, but the underlying flaw affects all SSLv3 traffic AFAIK.
The paper by google ( https://www.openssl.org/~bodo/ssl-poodle.pdf ) states: "we discuss how attackers can [..] break the cryptographic security of SSL 3.0." Therefore the flaw should also be exploitable with SMTP-connections. To quote: https://www.us-cert.gov/ncas/alerts/TA14-290A: This affects most current browsers and websites, but also includes _any_ software that either references a vulnerable SSL/TLS library (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself. (emphasis mine) But lets disregard POODLE for the moment, does postfix handle "inappropriate fallback" errors in any way, or does it also fall back to unencrypted traffic? Am 06.11.2014 um 15:24 schrieb li...@rhsoft.net: > > > Am 06.11.2014 um 15:08 schrieb Lars Heide: >> does anybody know how postfix handles a detected MITM attack based on >> POODLE? > > it don't need to - read how it works and than imagine how it should be > possible to inject and execute javascript into the connection in case of > SMTP -- IT- Services Forschungszentrum Jülich GmbH Tel: +49 2461 61 9237 Fax: +49 2461 61 9209 Internet: www.fz-juelich.de
smime.p7s
Description: S/MIME Cryptographic Signature
