http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html
It seems that there are a number of factors (that I do not understand) that determine whether an application is vulnerable. For example, Apache/mod_ssl is not. Is there enough information here to determine whether or not Postfix is vulnerable in typical configurations? Charles
