ADH is susceptible to MITM attacks, but I can't seem to turn it off.
I've tried various permutations of
tls_preempt_cipherlist = yes
tls_high_cipherlist (with !DH and !ADH)
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers = high
I'm running 2.9.6 on Debian Wheezy.
An
On 20-05-2014 12:16, li...@rhsoft.net wrote:
Am 20.05.2014 13:03, schrieb Colin Fowler:
ADH is susceptible to MITM attacks, but I can't seem to turn it off.
I've tried various permutations of
tls_preempt_cipherlist = yes
tls_high_cipherlist (with !DH and !ADH)
smtpd_tls_mandatory
Thank you Viktor for your reply!
On 20-05-2014 13:44, Viktor Dukhovni wrote:
On Tue, May 20, 2014 at 02:25:49PM +0200, Thomas Leuxner wrote:
In any case you miserably failed to elaborate how to mitigate
the issue other than stating 'revert the change'.
Without defending the tone of that advi
ginal config.
thanks again,
Colin
On 20-05-2014 14:25, Viktor Dukhovni wrote:
On Tue, May 20, 2014 at 02:11:34PM +0100, Colin Fowler wrote:
>Opportunistic TLS is sometimes counter-intuitive, attempting to
>make it stronger by removing weaker features actually makes it
>
