Am 15.10.2014 um 23:03 schrieb Vincent Fox:
Just catching up to this SSLv3 "Poodle"
vulnerability.
Should I do anything with my Perdition config?
I think there is not much you can do, at least I don't see how it should
be possible to disable SSLv3 via perdition config. Maybe your platform
has some mechanism built into libssl, like setting environment variables
or something like that.
I made a small patch with some hard coded improvements, but I'm still
testing. Just using ssllabs and similar is risky, because they only
simulate browsers. No gain in security if you lock out some mail clients
and their users just turn connection encryption off....
Regards
Matthias