Disable sslv3

From snippet wiki
Jump to navigation Jump to search

To disable SSLv3 for imap within the dovecot package:

Create or update the local.conf file in /etc/dovecot like this 

ssl_protocols = !SSLv2 !SSLv3

and test the result 

openssl s_client -connect mail.example.com:993 -ssl3

which now shouldn't be able to connect to your imap server. That is the right reaction, now you are protected agains that Poodle attack.

Retrieved from "http://snippet.wiki/w/index.php?title=Disable_sslv3&oldid=460"