Re: Avoiding POODLE vulnerability

2023-11-19 Thread Michael Orlitzky
On Sun, 2023-11-19 at 18:28 -0500, Steve Litt wrote:
>
> doveconf -d shows that I have no such config key as ssl_protocols, my
> ssl_min_protocol is TLSv1.2, and the default ssl_cipher_list is the
> following huge string:
>
> ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!R

Re: Avoiding POODLE vulnerability

2023-11-19 Thread Steve Litt
Bernardo Reino said on Sun, 19 Nov 2023 09:04:15 +0100 (CET)
>On Sun, 19 Nov 2023, Steve Litt wrote:
>
>> Michael Orlitzky said on Sat, 18 Nov 2023 17:31:49 -0500
>>
>>> On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote: I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64

Re: Avoiding POODLE vulnerability

2023-11-19 Thread Michael Orlitzky
On Sun, 2023-11-19 at 15:33 -0500, Steve Litt wrote:
>
> Thanks Bernardo,
>
> I use Void Linux, not Debian. Is there a command that tells me the
> defaults?
>

The one I typed :) The doveconf command has a few flags that control what settings are displayed, and "-d" tells it to show the default

Re: Avoiding POODLE vulnerability

2023-11-19 Thread Steve Litt
Bernardo Reino said on Sun, 19 Nov 2023 09:04:15 +0100 (CET)
>On Sun, 19 Nov 2023, Steve Litt wrote:
>
>> Michael Orlitzky said on Sat, 18 Nov 2023 17:31:49 -0500
>>
>>> On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote: I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64

Re: Avoiding POODLE vulnerability

2023-11-19 Thread Bernardo Reino
On Sun, 19 Nov 2023, Steve Litt wrote: Michael Orlitzky said on Sat, 18 Nov 2023 17:31:49 -0500 On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote: I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64 bit x86_64 Void Linux computer using runit for its init system. I populate Doveco

Re: Avoiding POODLE vulnerability

2023-11-18 Thread Steve Litt
Michael Orlitzky said on Sat, 18 Nov 2023 17:31:49 -0500
>On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote:
>>
>> I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64 bit
>> x86_64 Void Linux computer using runit for its init system. I
>> populate Dovecot's Maildir via fetchmail and p

Re: Avoiding POODLE vulnerability

2023-11-18 Thread Michael Orlitzky
On Sat, 2023-11-18 at 16:54 -0500, Steve Litt wrote:
>
> I forgot to say: I'm using Dovecot 2.3.21 on an up to date 64 bit
> x86_64 Void Linux computer using runit for its init system. I populate
> Dovecot's Maildir via fetchmail and procmail.
>

You probably don't have to do anything. SSLv2 and

Re: Avoiding POODLE vulnerability

2023-11-18 Thread Steve Litt
Steve Litt said on Sat, 18 Nov 2023 16:42:42 -0500
>Hi all,
>
>Ten years after the fact I learned about POODLE (Padding Oracle On
>Downgraded Legacy Encryption) vulnerabilities, which enable a poorly
>configured server to force my client to downgrade to vulnerable
>encryption.
>
>My current conf.d

Avoiding POODLE vulnerability

2023-11-18 Thread Steve Litt
Hi all,

Ten years after the fact I learned about POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerabilities, which enable a poorly configured server to force my client to downgrade to vulnerable encryption.

My current conf.d/10-ssl.conf contains the following line: ssl_cipher_list =