On 2017-05-24 14:54:34 (+0200), Bastian Blank
<bastian+postfix-users=postfix....@waldi.eu.org> wrote:
On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote:
You shouldn't be accepting sslv3 due to the poodle attack.
https://en.m.wikipedia.org/wiki/POODLE
Please explain how exactly SMTP is exploitable using POODLE?
There are other good reasons to disable SSLv3. But POODLE is a
distraction in the context of SMTP.
In general though, when it comes to SMTP, any encryption is better than
none. And opportunistic encryption is the way to go. Read RFC 7435:
https://tools.ietf.org/html/rfc7435
Philip
--
Philip Paeps
Senior Reality Engineer
Ministry of Information
