Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Reindl Harald
On 14.08.2013 22:04, Robert Schetterer wrote:
> On 14.08.2013 21:30, Reindl Harald wrote:
>> On 14.08.2013 21:19, Robert Schetterer wrote:
> thx Harald, upgrading openssl to 1.x and using dove 2.2.5 is no option
> at my setup lucid ubuntu yet so you can practically forget

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Nigel Smith
I would like to contribute this suggestion (assuming nobody has already):

ssl_cipher_list = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:!PSK:@STRENGTH

I have not tested it incredibly thoroughly, but I do believe the @STRENGTH at the end is the little secret that puts the order into the chaos.

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Reindl Harald
third try - a limit of 40 KB is ridiculous given the base64 overhead for e-mail and I can hardly cut more of the screenshot before it renders unusable at all...

On 14.08.2013 22:04, Robert Schetterer wrote:
> On 14.08.2013 21:30, Reindl Harald wrote:
>> On 14.08.2013 21:19, Robert

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Robert Schetterer
On 14.08.2013 21:30, Reindl Harald wrote:
>
> On 14.08.2013 21:19, Robert Schetterer wrote:
thx Harald, upgrading openssl to 1.x and using dove 2.2.5 is no option at my setup lucid ubuntu yet
>>>
>>> so you can practically forget it
>>
>> perhaps true forever, as long old client

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Reindl Harald
On 14.08.2013 21:19, Robert Schetterer wrote:
>>> thx Harald, upgrading openssl to 1.x and using dove 2.2.5 is no option
>>> at my setup lucid ubuntu yet
>>
>> so you can practically forget it
>
> perhaps true forever, as long old clients are around, cause the server
> can only workaround th

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Robert Schetterer
On 14.08.2013 20:54, Reindl Harald wrote:
>
> On 14.08.2013 20:42, Robert Schetterer wrote:
>> On 14.08.2013 19:03, Reindl Harald wrote:
>>> ssl_cipher_list =
>>> EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:HIGH:!aNULL:!eNULL:!EXP:!MD5:!LOW:!SSLv2
>>>

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Reindl Harald
On 14.08.2013 20:42, Robert Schetterer wrote:
> On 14.08.2013 19:03, Reindl Harald wrote:
>> ssl_cipher_list =
>> EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:HIGH:!aNULL:!eNULL:!EXP:!MD5:!LOW:!SSLv2
>>
>> is what is *highly* recommended after testing web

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Robert Schetterer
On 14.08.2013 19:03, Reindl Harald wrote:
>
> On 14.08.2013 18:54, Robert Schetterer wrote:
>> http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/
>>
>> it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use
>> with apple mail
>>
>> ( if no ECDHE is possib

Re: [Dovecot] force ciphers order for clients

2013-08-14 Thread Reindl Harald
On 14.08.2013 18:54, Robert Schetterer wrote:
> http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/
>
> it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use
> with apple mail
>
> ( if no ECDHE is possible, by missing openssl 1.x etc,
> seems that apple mai

[Dovecot] force ciphers order for clients

2013-08-14 Thread Robert Schetterer
Hi Timo,

reading this http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/ it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use with apple mail (if no ECDHE is possible, by missing openssl 1.x etc, seems that apple mail tries ECDHE first; if it fails it's going to