Disable sslv3

From snippet wiki
Jump to navigation Jump to search

To disable SSLv3 for imap within the dovecot package:

Create or update the local.conf file in /etc/dovecot like this

ssl_protocols = !SSLv2 !SSLv3

and test the result

openssl s_client -connect mail.example.com:993 -ssl3

which now shouldn't be able to connect to your imap server. That is the right reaction, now you are protected agains that Poodle attack.