[Ach] DROWN Attack
sebix at sebix.at
Tue Mar 1 20:59:33 CET 2016
Currently, for mailservers we allow SSL for opportunistic TLS encryption
between mailservers. For all other cases, SSL is disabled.
I think we should at least disallow SSLv2 for mta traffic, as SSLv2 and
SSLv3 are nearly equally available.
On 03/01/2016 08:14 PM, Torge Riedel wrote:
> Hi list,
> is it worth to add/merge recommendations from
> to the ACH configuration?
> Related article (in German):
> I apologize if ACH configuration is already up-to-date, I didn't
> checked. Too busy.
> Ach mailing list
> Ach at lists.cert.at
> python programming - mail server - photo - video - https://sebix.at
> cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Ach