Since people are now talking about the SSLv3 security hole and how to disable it, here's a thread where you can talk about that. In Dovecot v2.1+ you can disable SSLv3 by setting:

ssl_protocols = !SSLv2 !SSLv3

In older versions you'd have to patch the source code. Attached a patch against v2.0.

I don't know if there are any clients that would break by disabling SSLv3. I'd expect all the clients to use the system (or otherwise generic) SSL libraries, which would automatically choose the TLS protocol over SSL. So my guess is that unless somebody is using an over-10-year-old client there wouldn't be any problems. Maybe some old mobile phones might be using SSL.. If you find out about any clients that require SSLv3 I'd like to know about it. For Dovecot v2.3 I could maybe disable SSLv3 by default if there's no real need for it.

(Also: Don't be confused by SSL/TLS protocols vs. SSL port/STARTTLS, as described in http://wiki2.dovecot.org/SSL. For example https://en.wikipedia.org/wiki/Comparison_of_email_clients#SSL_and_TLS_support is irrelevant here.)

Attachment: dovecot-sslv3-disable.diff (application/octet-stream, 533 bytes): <http://dovecot.org/pipermail/dovecot/attachments/20141014/0c46af0d/attachment.obj>
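As an added example (not code from this thread and not Dovecot's own), here is a small Python lint that reads the ssl_protocols setting out of a dovecot.conf fragment and works out which protocols stay negotiable, so an admin can confirm SSLv3 is actually off after the change above. It assumes the setting's semantics as implemented by Dovecot 2.1/2.2's parser (a "!" prefix excludes a protocol; listing any protocol without "!" restricts the set to those listed, with explicit exclusions still winning) and assumes the shipped default is "!SSLv2" when the setting is absent; both should be checked against your own version. The config fragments are constructed for the demonstration.

```python
"""Lint for Dovecot's ssl_protocols setting (added example, not Dovecot code)."""
from __future__ import annotations
import re

# Protocol names Dovecot 2.1/2.2 accept in ssl_protocols.
PROTOCOLS = ("SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2")

# Assumption: the shipped default in Dovecot 2.1/2.2 is "!SSLv2", so a config
# that never sets ssl_protocols still leaves SSLv3 negotiable.
DEFAULT_SSL_PROTOCOLS = "!SSLv2"


def effective_protocols(value: str) -> frozenset[str]:
    """Compute the protocols a given ssl_protocols value leaves enabled.

    Assumed semantics (Dovecot 2.1/2.2 parser): tokens are separated by
    spaces or commas; "!NAME" excludes NAME; if any token is listed without
    "!", every protocol not listed positively is excluded too, and explicit
    "!" exclusions still win over positive listings.
    """
    include: set[str] = set()
    exclude: set[str] = set()
    for tok in re.split(r"[ ,]+", value.strip()):
        if not tok:
            continue
        neg = tok.startswith("!")
        name = tok[1:] if neg else tok
        canon = next((p for p in PROTOCOLS if p.lower() == name.lower()), None)
        if canon is None:
            raise ValueError(f"unknown protocol {name!r} in ssl_protocols")
        (exclude if neg else include).add(canon)
    if include:
        exclude |= set(PROTOCOLS) - include
    return frozenset(PROTOCOLS) - exclude


def read_ssl_protocols(conf_text: str) -> str | None:
    """Return the last top-level `ssl_protocols = ...` value, or None if unset.

    Only whole-line '#' comments are skipped; per-section overrides
    (protocol imap { ... }, local ...) are not modelled here.
    """
    value = None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^ssl_protocols\s*=\s*(.*)$", line)
        if m:
            value = m.group(1).strip()
    return value


def check_sslv3(conf_text: str) -> tuple[bool, tuple[str, ...]]:
    """Return (sslv3_still_enabled, enabled_protocols_sorted) for a config."""
    value = read_ssl_protocols(conf_text)
    if value is None:
        value = DEFAULT_SSL_PROTOCOLS
    enabled = effective_protocols(value)
    return ("SSLv3" in enabled, tuple(sorted(enabled)))


# Constructed dovecot.conf fragments for demonstration (not from the thread).
WEAK_CONF = """\
# constructed example config
ssl = required
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
ssl_protocols = !SSLv2
"""
FIXED_CONF = WEAK_CONF.replace("ssl_protocols = !SSLv2", "ssl_protocols = !SSLv2 !SSLv3")
UNSET_CONF = "ssl = required\n"   # relies on the (assumed) default, so SSLv3 stays on

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF), ("unset", UNSET_CONF)):
        sslv3_on, enabled = check_sslv3(conf)
        verdict = "SSLv3 ENABLED - set ssl_protocols = !SSLv2 !SSLv3" if sslv3_on else "ok"
        print(f"{label:5}: {', '.join(enabled):32} {verdict}")
```

Run it against the real file with `check_sslv3(open("/etc/dovecot/dovecot.conf").read())`, or better against `doveconf -n` output, which already has includes and overrides folded in. The positive-listing rule matters in practice: `ssl_protocols = TLSv1.2` silently drops TLSv1 and TLSv1.1 as well, which is stricter than the thread's `!SSLv2 !SSLv3` and may break older clients.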
On 14 Oct 2014, at 12:25, Timo Sirainen <tss at iki.fi> wrote:

> Since people are now talking about the SSLv3 security hole and how to disable it, here's a thread where you can talk about that. In Dovecot v2.1+ you can disable SSLv3 by setting:
>
> ssl_protocols = !SSLv2 !SSLv3
>
> In older versions you'd have to patch the source code. Attached a patch against v2.0.

It might be possible in older versions to also modify ssl_cipher_list to disable the SSLv3 ciphers. But I'm not sure if that actually works (especially without breaking TLSv1 as well).

Anyway, https://www.openssl.org/~bodo/ssl-poodle.pdf describes how to use the problem against web services using a similar attack as with BEAST. My understanding is that this kind of an attack is difficult or impossible to use against IMAP/POP3 protocols, because the clients always send the same pre-login data and there's nothing the attacker can do about that. It would be a good time anyway now to get rid of the SSLv3 protocol just in case there is a way to attack it.
On Tue, Oct 14, 2014 at 12:25:32PM -0700, Timo Sirainen wrote:

> Since people are now talking about the SSLv3 security hole and how to disable it, here's a thread where you can talk about that. In Dovecot v2.1+ you can disable SSLv3 by setting:
>
> ssl_protocols = !SSLv2 !SSLv3
>
> In older versions you'd have to patch the source code. Attached a patch against v2.0.

Do you have any plans to make this (SSLv3 disabled) the new default for ssl_protocols? I'm considering doing this in the Debian package.

Cheers,

Jelmer