* SSLv3 vulnerability
@ 2014-10-16 10:53 Filipp Gunbin
2014-10-16 16:47 ` Andreas Schwab
0 siblings, 1 reply; 3+ messages in thread
From: Filipp Gunbin @ 2014-10-16 10:53 UTC (permalink / raw)
To: ding
Recently an SSL v3 vulnerability was discovered [1], so some mail
servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
completely.
Switching to TLS will help:
(setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))
[1] http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html
[2] The http://blog.fastmail.fm/2014/10/15/ssl-3-0-disabled-due-to-security-vulnerability/
--
Filipp
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SSLv3 vulnerability
2014-10-16 10:53 SSLv3 vulnerability Filipp Gunbin
@ 2014-10-16 16:47 ` Andreas Schwab
2014-10-16 17:29 ` Filipp Gunbin
0 siblings, 1 reply; 3+ messages in thread
From: Andreas Schwab @ 2014-10-16 16:47 UTC (permalink / raw)
To: Filipp Gunbin; +Cc: ding
Filipp Gunbin <fgunbin@fastmail.fm> writes:
> Recently an SSL v3 vulnerability was discovered [1], so some mail
> servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
> completely.
>
> Switching to TLS will help:
>
> (setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))
Just use :stream tls or :stream starttls instead of :stream ssl.
Andreas.
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SSLv3 vulnerability
2014-10-16 16:47 ` Andreas Schwab
@ 2014-10-16 17:29 ` Filipp Gunbin
0 siblings, 0 replies; 3+ messages in thread
From: Filipp Gunbin @ 2014-10-16 17:29 UTC (permalink / raw)
To: Andreas Schwab; +Cc: ding
On 16/10/2014 20:47 +0400, Andreas Schwab wrote:
> Filipp Gunbin <fgunbin@fastmail.fm> writes:
>
>> Recently an SSL v3 vulnerability was discovered [1], so some mail
>> servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
>> completely.
>>
>> Switching to TLS will help:
>>
>> (setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))
>
> Just use :stream tls or :stream starttls instead of :stream ssl.
Thanks!
Filipp
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-10-16 17:29 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-10-16 10:53 SSLv3 vulnerability Filipp Gunbin
2014-10-16 16:47 ` Andreas Schwab
2014-10-16 17:29 ` Filipp Gunbin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).