Wesley Alan Wright wrote: > Using cyrus-imapd-2.2.12-9.RHEL4.i386 and cyrus-sasl-2.1.19-14.i386, > trying to disable sslV2 to satisfy silly PCI (Purchase Card Industry) > requirements yet keep ports 993 and 995 open. Tried 37 different > variations of tls_cipher_list includin draconian tls_cipher_list: -ALL: > +HIGH:-SSLv2m yet > > openssl s_client -ssl2 -connect localhost:993 > > > Still yields > > SSL handshake has read 987 bytes and written 239 bytes > --- > New, SSLv2, Cipher is DES-CBC3-MD5 > Server public key is 1024 bit > SSL-Session: > Protocol : SSLv2 > Cipher : DES-CBC3-MD5 > > > I beginning to think it can't be done.\? I've used this in the past and it works just fine: tls_cipher_list: DEFAULT:!SSLv2:!LOW:!EXPORT -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
