Ping a Specific Port

Question

Francis

Asked: 2016-03-08 07:44:18 +0800 CST2016-03-08 07:44:18 +0800 CST 2016-03-08 07:44:18 +0800 CST

Disabling SSLv2 on Dovecot v1

772

I'm still using Dovecot v1 (1.1.20) on an osx server. I'm trying to disable SSLv2. Seem like the default config already disabled it:

ssl_cipher_list = ALL:!LOW:!SSLv2:!aNULL:!ADH:!eNULL

But when I test my web server with ssllabs, it complaints my mail server (pop, imap) is vulnerable because of the use of SSLv2 (same key). I also tried:

ssl_cipher_list = ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!RC4+RSA:+HIGH:+MEDIUM:!SSLv2

With no more success.

I know, this server need major software update.

1 Answers

Voted

Michael Hampton · Answer 1 · 2016-03-08T07:52:19+08:00

Best Answer

Michael Hampton

2016-03-08T07:52:19+08:002016-03-08T07:52:19+08:00

SSLv2 is a protocol, not a cipher. The "SSLv2" in the cipher list represents several ciphers associated with SSLv2, not the protocol itself.

In dovecot, the undocumented parameter ssl_protocols is used to disable particular protocols:

ssl_protocols = !SSLv2 !SSLv3

This exists in Dovecot v2; but I don't know if it exists in Dovecot v1.

2

Disabling SSLv2 on Dovecot v1

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?