Discussion:
SSLv3 vulnerability
Filipp Gunbin
2014-10-16 10:53:17 UTC
Permalink
Recently an SSL v3 vulnerability was discovered [1], so some mail
servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
completely.

Switching to TLS will help:

(setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))

[1] http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html

[2] The http://blog.fastmail.fm/2014/10/15/ssl-3-0-disabled-due-to-security-vulnerability/
--
Filipp
Andreas Schwab
2014-10-16 16:47:36 UTC
Permalink
Post by Filipp Gunbin
Recently an SSL v3 vulnerability was discovered [1], so some mail
servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
completely.
(setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))
Just use :stream tls or :stream starttls instead of :stream ssl.

Andreas.
--
Andreas Schwab, ***@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Filipp Gunbin
2014-10-16 17:29:49 UTC
Permalink
Post by Andreas Schwab
Post by Filipp Gunbin
Recently an SSL v3 vulnerability was discovered [1], so some mail
servers (I know of fastmail.fm by the moment [2]) disabled / will disable it
completely.
(setq imap-ssl-program '("openssl s_client -quiet -tls1 -connect %s:%p"))
Just use :stream tls or :stream starttls instead of :stream ssl.
Thanks!

Filipp

Loading...